#!/usr/bin/perl
# ssl.pl
$version = '2.40';
# 5/22/98
# By Dansie Website Design
# http://www.dansie.net
# Email: [email protected]

# PGP key-ring directory. Sometimes needs to be set when using PGP.
#$ENV{'PGPPATH'} = '/home/YourName/.pgp';
# GnuPG home directory.
#$ENV{'GNUPGHOME'} = '/home/users/YourName/.gnupg';

# Set to 1 to disable the ?env and ?path diagnostic requests.
# NOTE(review): while this is 0 the script calls &diagnostics during request
# handling. That sub is not shown in this part of the file; going by the
# names ?env and ?path it reports environment and path details, so set this
# to 1 once the installation has been tested.
$disable_diagnostics = 0;

####################################################################
# Authorized HTTP_REFERER
####################################################################
# Comma-separated list of domains that are allowed to use this ssl.pl script.
# Example: $authorized_referrers = "www.dansie.net,222.33.22.11,www.YourName.com";
# Include the domain that the ssl.pl script itself is on.
# Left empty, as here, no domains are listed; presumably the referrer check
# is then skipped (confirm in &authorized_referrers).
# NOTE(review): the Referer header is chosen by the client, so this list
# discourages casual reuse of the script but is not access control.
$authorized_referrers = '';

####################################################################
# Variables for unusual situations.
####################################################################
# Sendmail path to use when ssl.pl runs on a remote host whose sendmail path
# differs from the host your cart.pl script is on.
# Example: 'c:/winnt/system32/blat.exe';
# Or: 'c:/winnt/system32/blat.exe -server pop.YourName.com';
# When set, this value replaces the mailprog value submitted with the form.
$ssl_different_sendmail_path = "";

# Writable temp directory to use when ssl.pl runs on a remote Windows NT
# server. Example: 'C:/your/remote/host/temp';
# Blat and Windmail write the email into this directory before sending it.
# When set, only the file-name part of the submitted temp path is kept and
# it is placed under this directory.
$blat_different_temp_directory = "";

# Datafiles extension
$extension = 'dat';

# Ignore this variable.
$perl_redirect = 0;
####################################################################
# Language Variables
####################################################################
# Display strings, addressed elsewhere in the script as $lang[N].
# Index 0 is left unset; the number after each entry is its index.
# Notes taken from how the script uses the entries:
#   - an empty $lang[9] makes the zip/postal code field optional;
#   - a $lang[23] that starts with "http" is used as an image button URL;
#   - $lang[24] and $lang[33] are placed inside a single-quoted JavaScript
#     confirm('...') call, so keep apostrophes out of them;
#   - "switch" in $lang[18] or $lang[19] turns on the issue number field.
@lang[ 1 .. 56 ] = (
    "Secure Payment Form",                                              # 1
    "(This page will say \"Secure Payment Form\" when in SSL mode.)",   # 2
    "TOTAL CHARGES: ",                                                  # 3
    "Bill To: ",                                                        # 4
    "Name: ",                                                           # 5
    "Street: ",                                                         # 6
    "City: ",                                                           # 7
    "State or Province: ",                                              # 8
    "Zip or Postal Code: ",                                             # 9
    "Country: ",                                                        # 10
    "E-Mail: ",                                                         # 11
    "Phone: ",                                                          # 12
    "CC Type: ",                                                        # 13
    "Visa",                                                             # 14
    "MasterCard",                                                       # 15
    "American Express",                                                 # 16
    "Novus (Discover)",                                                 # 17
    "Diners Club",                                                      # 18
    "Carte Blanche",                                                    # 19
    "CreditCard# ",                                                     # 20
    "Expiration Month: ",                                               # 21
    "Year: ",                                                           # 22
    "AUTHORIZE PAYMENT",                                                # 23
    "Submit Credit Card for Approval?\\nPlease be patient.",            # 24
    "Non-Secure Payment Form",                                          # 25
    "Sorry, you forgot to enter some important information. Please go back and fill in all fields.",    # 26
    "Your credit card info has been sent securely. Thank you. Leaving secure mode now.",                # 27
    "There was a failure in processing your credit card. Leaving secure mode now",                      # 28
    "Secure Online Credit Card Order",                                  # 29
    "Your credit card info has been sent. Thank you. Fetching your printable receipt now. <BR>Please be patient.",  # 30
    "If your browser doesn't refresh to a new page in 10 seconds, please click here.",                  # 31
    "BACK",                                                             # 32
    "Submit Check Information For Payment?\\nPlease be patient.",       # 33
    "Check Number: ",                                                   # 34
    "Check Date: ",                                                     # 35
    "Check Amount: ",                                                   # 36
    "Authorized By: ",                                                  # 37
    "Bank Name: ",                                                      # 38
    "Bank Address: ",                                                   # 39
    "Bank City, State, Zip: ",                                          # 40
    "Invoice# ",                                                        # 41
    "Online Check Draft",                                               # 42
    "Bank Phone: ",                                                     # 43
    "Routing Number: ",                                                 # 44
    "Account Number: ",                                                 # 45
    "ABA/Transit Number (i.e. 63-1256/8764):",                          # 46
    "I.P. Address: ",                                                   # 47
    "Domain: ",                                                         # 48
    "Your check and bank info has been sent securely. Thank you. Leaving secure mode now.",             # 49
    "Your check and bank info has been sent. Thank you. Fetching your printable receipt now. <BR>Please be patient.",   # 50
    "No such PGP key on record: ",                                      # 51
    "Check your settings in Secure Server Variable #10 or contact your host about your PGP key.",       # 52
    "Switch Card issue number:",                                        # 53
    "Please click here to go back.",                                    # 54
    "Sorry, this domain is not authorized to POST to this script.",     # 55
    "Company Name: ",                                                   # 56
);
####################################################################
# END OF VARIABLES. DO NOT MODIFY SCRIPT BEYOND THIS POINT.
####################################################################
# Parse the POST body into %FORM. Everything in %FORM is request data: the
# fields the script later treats as settings (mailprog, append_datafile, pgp,
# ssl_tracking_dir, blat_different_temp_directory, ...) arrive the same way
# as the billing fields and must be handled as untrusted input.
# NOTE(review): CONTENT_LENGTH is used as the read length with no upper bound.
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
    # Only the value is URL-decoded; the field name is used as received.
    ($name, $value) = split(/=/, $pair);
    $value =~ tr/+/ /;
    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
    # Puts a space in front of every "~!" (the purpose is not visible here).
    $value =~ s/~!/ ~!/g;
    # Deny-list: removes backticks, "*", parentheses and square brackets.
    # Quotes, angle brackets and shell separators are not on it, so values
    # still need escaping wherever they are printed into HTML or placed in a
    # command string.
    $value =~ s/(`|\*|\(|\)|\[|\])//g;
    $FORM{$name} = $value;
    # untaint() is defined outside this part of the file; what it removes
    # cannot be checked from here.
    $FORM{$name} = &untaint($FORM{$name});
}
$FORM{'customerid'} =~ s/ //g;
$delimiter = "|";
# $stay_in_ssl is not assigned anywhere in the visible part of the file.
if ($stay_in_ssl) {
    $FORM{'MerchantApprovedURL'} =~ s/http:/https:/i;
    $FORM{'MerchantUnApprovedURL'} =~ s/http:/https:/i;
}
# A submitted mailprog containing "-server" is split on spaces: the first
# word stays in mailprog, the remaining words are kept for Blat.
if ( $FORM{'mailprog'} =~ /(-server)/ ) {
    ($FORM{'mailprog'},@temp) = split(/ /,$FORM{'mailprog'});
    $blat_server_temp = " @temp";
}
@common_sendmail_paths = ("/usr/sbin/sendmail", "/usr/lib/sendmail", "/usr/bin/sendmail", "/bin/sendmail", "/var/qmail/bin/qmail-inject", "/usr/home/stormer/bin/sendmail", "C:/winnt/system32/windmail.exe", "C:/winnt/system32/blat.exe", 'C:\httpd\windmail\windmail.exe', 'C:\httpd\Blat\Blat.exe');
# The first listed path that exists on this host replaces the submitted
# mailprog. The submitted value is kept only when none of them exists.
foreach (@common_sendmail_paths) {
    if (-e "$_") {
        $FORM{'mailprog'} = "$_";
        last;
    }
}
if ( $blat_server_temp && $FORM{'mailprog'} !~ /^\// ) {
    $FORM{'mailprog'} .= "$blat_server_temp";
}
# A configured $ssl_different_sendmail_path overrides whatever was chosen
# above, which pins the mail program on the server side.
if ( $ssl_different_sendmail_path ) {
    $FORM{'mailprog'} = "$ssl_different_sendmail_path";
}
# With $blat_different_temp_directory configured, only the part of the
# submitted temp path after its last "/" is kept and it is placed under the
# configured directory ("\" is not treated as a separator). Without that
# setting the submitted path is left as received at this point.
if ( $blat_different_temp_directory ) {
    $FORM{'blat_different_temp_directory'} = reverse($FORM{'blat_different_temp_directory'});
    until ( $FORM{'blat_different_temp_directory'} !~ /\// ) {
        chop($FORM{'blat_different_temp_directory'});
    }
    $FORM{'blat_different_temp_directory'} = reverse($FORM{'blat_different_temp_directory'});
    if ( $blat_different_temp_directory =~ /\/$/ ) {
        chop($blat_different_temp_directory);
    }
    $FORM{'blat_different_temp_directory'} = "$blat_different_temp_directory/$FORM{'blat_different_temp_directory'}";
}
# The statement below continues on the following source line.
if ( $ENV{'OS'} && $FORM{'blat_different_temp_directory'} && $FORM{'MerchantEmail'} ) { $FORM{'blat_different_temp_directory_exists_test'} = "$FORM{'blat_different_temp_directory'}"; $a = ""; until ( $a eq "/" || 
$FORM{'blat_different_temp_directory_exists_test'} eq "") { $a = chop($FORM{'blat_different_temp_directory_exists_test'}); } if (!-e "$FORM{'blat_different_temp_directory_exists_test'}") { &diagnostics if(!$disable_diagnostics); print "Content-type: text/html\n\n <H3>Dansie Shopping Cart configuration message:<BR> You are attempting to use this directory for writing temporary files to:<BR> \"$FORM{'blat_different_temp_directory_exists_test'}\"<BR> However this directory does not exist. If you are running the ssl.pl script on a different host than the cart.pl script is on then open the ssl.pl script and set the \$blat_different_temp_directory variable near the top of the script.<BR>"; print "</H3>"; &footer; } } $FORM{'target_name'} = "_top"; if ( $FORM{'card_types'} ) { if ( $FORM{'card_types'} =~ /(visa)/i ) { $visa = 1; } if ( $FORM{'card_types'} =~ /(mastercard)/i ) { $mastercard = 1; } if ( $FORM{'card_types'} =~ /(amex)/i ) { $amex = 1; } if ( $FORM{'card_types'} =~ /(novus)/i || $FORM{'card_types'} =~ /(discover)/i ) { $novus = 1; } if ( $FORM{'card_types'} =~ /(dinersclub)/i ) { $dinersclub = 1; } if ( $FORM{'card_types'} =~ /(carteblanche)/i ) { $carteblanche = 1; } } else { $visa = 1; $mastercard = 1; $amex = 1; $novus = 1; $dinersclub = 0; $carteblanche = 0; } if ($FORM{'cardtype'} eq "visa") { $cardtype = "$lang[14]"; } if ($FORM{'cardtype'} eq "mastercard") { $cardtype = "$lang[15]"; } if ($FORM{'cardtype'} eq "amex") { $cardtype = "$lang[16]"; } if ($FORM{'cardtype'} eq "novus") { $cardtype = "$lang[17]"; } if ($FORM{'cardtype'} eq "dinersclub") { $cardtype = "$lang[18]"; } if ($FORM{'cardtype'} eq "carteblanche") { $cardtype = "$lang[19]"; } $check_font_size = "-1"; if ( $ENV{'QUERY_STRING'} ne "check" ) { $subject = "$lang[29]"; } else { $subject = "$lang[42]"; } if ( $FORM{'ssl_url'} =~ /^(https)/i ) { $ENV{'HTTPS'} = "on"; } if ( $FORM{'append_datafile'} =~ /^http/i ) { &diagnostics if(!$disable_diagnostics); print "Content-type: 
text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>Please set only system paths in Secure Server Variable #8 in your vars.dat file.<BR> System path example:<BR>"; if ( $ENV{'OS'} ) { print "<B>c:/home/yourname/cgi-bin/orders.dat</B><BR>"; } elsif (!$ENV{'DOCUMENT_ROOT'} && !$ENV{'OS'} ) { print "<B>c:/home/yourname/cgi-bin/orders.dat</B><BR>"; } else { print "<B>/usr/local/etc/httpd/htdocs/yourname/cgi-bin/orders.dat</B><BR>"; } print "URL example:<BR><B>$FORM{'ssl_url'}</B><BR>URLs start with \"http\" system paths do not.<BR>"; print "</H3>"; &footer; } if ( $FORM{'append_datafile'} ) { &diagnostics if(!$disable_diagnostics); $temp = "$FORM{'append_datafile'}"; if ( $FORM{'append_datafile'} =~ /(.+)(\|)(.+)/ ) { $temp = $1; } if (!-e "$temp") { open(FILE,">$temp"); close(FILE); } if (!-e "$temp") { print "Content-type: text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>You are attempting to append order information to: \"$temp\"<BR>This file or directory does not exist. Please see Secure Server Variable #8 in section 11 of the <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A>. <BR>If this is the correct system path, then create this file or directory and set permissions on it so that it is globally writable. If your ssl.pl script is hosted on a different server than where the cart.pl script is hosted, then you will need to set two system paths in SSV#8. See Secure Server Variable #8 in section 11 the <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A> for detailed instructions."; print "</H3>"; &footer; } if (!-w "$temp") { print "Content-type: text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>You are attempting to append order information to: \"$temp\"<BR>This file or directory does not appear to have permissions set on it as writable. 
You will need to set permissions on this file or directory so that the ssl.pl script can write to it, or the order information will not be appended to it. See Secure Server Variable #8 in section 11 the <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A> for detailed instructions."; print "</H3>"; &footer; } } if ( $FORM{'ssl_tracking_dir'} ) { &diagnostics if(!$disable_diagnostics); $temp = "$FORM{'ssl_tracking_dir'}"; if (!-e "$temp") { open(FILE,">$temp"); close(FILE); } if (!-e "$temp") { print "Content-type: text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>You are attempting to append order information to: \"$temp\"<BR>This file does not exist. Please see Personal Variable #69 in the <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A>. <BR>If this is the correct system path, then create this file and set permissions on it so that it is globally writable. If your ssl.pl script is hosted on a different server than where the cart.pl script is hosted, then you will need to set two system paths in Personal Variable #69. See Personal Variable #69 in <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A> for detailed instructions."; print "</H3>"; &footer; } if (!-w "$temp") { print "Content-type: text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>You are attempting to append order information to: \"$temp\"<BR>This file does not appear to have permissions set on it as writable. You will need to set permissions on this file or directory so that the ssl.pl script can write to it, or the order information will not be appended to it. 
See Personal Variable #69 in <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A> for detailed instructions."; print "</H3>"; &footer; } } $date = &get_date; while ($authorized_referrers =~ /(\n|\r|\s|\,)$/) { chop($authorized_referrers); } $authorized_referrers =~ s/\,\,/\,/; $authorized_referrers =~ s/^\,//; (@authorized_referrers) = split(/\,/,$authorized_referrers); foreach (@authorized_referrers) { $_ =~ s/^ //; $_ =~ s/ $//; $_ =~ s/^(www\.)//; } if ( $ENV{'HTTP_USER_AGENT'} =~ /(WebTV)/ ) { $lang[24] = ""; } &diagnostics if(!$disable_diagnostics); if ( !$FORM{'form_action'} && $ENV{'REQUEST_METHOD'} !~ /POST/i ) { print "Content-type: text/html\n\n"; print " <HTML> <HEAD> <TITLE>ssl.pl Installation Success!</TITLE> </HEAD> <BODY BGCOLOR=\"#FFFFFF\"> <H2>Your ssl.pl script is successfully installed!</H2> <H3>To test it:</H3> <UL> <LI>Make sure Personal Variable #24 is set to \"1\" to allow Secure Online Credit Card Transactions. <LI>Set Secure Server Variable #1 to the full URL to this script. <UL> <LI><FONT SIZE=-1>If you want the ssl.pl script to collect credit card info in SSL (Secure Sockets Layer - secure mode) you will need to have a site security certificate. A site security certificate will allow you to set SSV#1 with an \"https\" URL. If you are not sure if you have a site security certificate or would like to obtain one, contact your web host for help with that.</FONT> </UL> <LI>Make sure Personal Variable #42 is set to the full URL of this script if using Online Check Draft payment option. (It would be the same as Secure Server Variable #1.) <LI>Place an item in your shopping cart. <LI>Choose Secure Online Credit Card Transaction or Online Check Draft as your payment method. <LI>Submit your shipping address. <LI><A HREF=\"http://www.dansie.net/creditcards.html\" TARGET=\"creditcards\">More Details</A> on credit card transactions. 
</UL>"; &footer; } if ( $ENV{'QUERY_STRING'} eq "www.aba.net.au" ) { &authorized_referrers; $FORM{'fulltotal'} *= 100; print "Content-type: text/html\n\n"; print " <HTML> <HEAD> <TITLE>Secure Payment Form - $FORM{'MerchantName'} </TITLE>\n$FORM{'meta_tag'}\n </HEAD> <BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\"> <CENTER> <APPLET CODEBASE=\"https://sec.aba.net.au/merchant/wbs/classes\" ARCHIVE=\"start.zip\" CODE=\"sec.tools.SecurEpayment.SecurEpayment.class\" WIDTH=470 HEIGHT=286> <PARAM NAME=\"CABBASE\" VALUE=\"payment.cab\"> <PARAM NAME=\"secparams\" VALUE=\"$FORM{'MerchantID'}\"> <PARAM NAME=\"referenceid\" VALUE=\"$FORM{'customerid'}\"> <PARAM NAME=\"amount\" VALUE=\"$FORM{'fulltotal'}\"> <PARAM NAME=\"resulturl\" VALUE=\"$FORM{'MerchantApprovedURL'}\"> <PARAM NAME=\"copyright\" VALUE=\"Copyright 1997 Australian Business Access, All Rights Reserved. Use without permission strictly prohibited.\"> </APPLET> </CENTER> </BODY></HTML>"; exit; } if ( $ENV{'QUERY_STRING'} eq "atsbank" ) { $ats_redirect = "http://trans.atsbank.com/cgi-bin/redirect.cgi?"; &authorized_referrers; print "Content-type: text/html\n\n"; print " <HTML> <HEAD>"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1] - $FORM{'MerchantName'}</TITLE>"; } else { print "<TITLE>$lang[25] - $FORM{'MerchantName'}</TITLE>"; } print "\n$FORM{'meta_tag'}\n</HEAD>"; if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">"; } else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">"; } print "<FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"> <FORM METHOD=post ACTION=\"https://trans.atsbank.com/cgi-bin/ats.cgi\"> <INPUT TYPE=hidden NAME=\"amount\" VALUE=\"$FORM{'amount'}\"> <INPUT TYPE=hidden NAME=\"MerchantName\" VALUE=\"$FORM{'MerchantName'}\"> <INPUT TYPE=hidden NAME=\"atsid\" VALUE=\"$FORM{'atsid'}\"> <INPUT TYPE=hidden NAME=\"subid\" VALUE=\"$FORM{'subid'}\"> <INPUT TYPE=hidden NAME=\"ci_memo\" 
VALUE=\"$FORM{'customerid'}\"> <INPUT TYPE=hidden NAME=\"MerchantEmail\" VALUE=\"$FORM{'MerchantEmail'}\"> <INPUT TYPE=hidden NAME=\"accepturl\" VALUE=\"$ats_redirect$FORM{'accepturl'}\"> <INPUT TYPE=hidden NAME=\"declineurl\" VALUE=\"$ats_redirect$FORM{'declineurl'}\">"; print "<H1><CENTER>$FORM{'MerchantName'}</CENTER></H1><P><H4><CENTER>"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "$lang[1]"; } else { print "$lang[25]<BR>$lang[2]"; } print "</CENTER></H4><P> <H4><CENTER> </CENTER></H4><P> <B> <CENTER> $lang[3] $FORM{'amount'} </CENTER> </B> <CENTER> <H3>$lang[4] </H3> </CENTER> <B> <CENTER> <TABLE BORDER=1> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[5] </FONT></TD><TD><INPUT name=\"ccname\" size=30 value=\"$FORM{'ccname'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[6] </FONT></TD><TD><INPUT name=\"ci_billaddr1\" size=30 value=\"$FORM{'BillStreet'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[7] </FONT></TD><TD><INPUT name=\"ci_billcity\" size=30 value=\"$FORM{'BillCity'}\"></TD> </TR>"; if ( $FORM{'use_state'} ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[8] </FONT></TD><TD><INPUT name=\"ci_billstate\" size=30 value=\"$FORM{'BillState'}\"></TD> </TR>"; } if ( $lang[9] ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[9] </FONT></TD><TD><INPUT name=\"ci_billzip\" size=10 value=\"$FORM{'BillZip'}\"></TD> </TR>"; } print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[10] </FONT></TD><TD><INPUT name=\"ci_billcountry\" size=30 value=\"$FORM{'BillCountry'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[12] </FONT></TD><TD><INPUT name=\"ci_phone\" size=20 value=\"$FORM{'BillPhone'}\"></TD> </TR> <TR> <TD><FONT 
FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[11] </FONT></TD><TD><INPUT name=\"ci_email\" size=30 value=\"$FORM{'BillEmail'}\"></TD> </TR>"; $confirm = "$lang[24]"; print " <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[20] </FONT></TD><TD><INPUT name=\"ccnum\" size=30 value=\"\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[21]</FONT> </TD><TD> <INPUT TYPE=TEXT NAME=\"expmon\" SIZE=10></TD></TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[22]</FONT> </TD><TD> <INPUT TYPE=TEXT NAME=\"expyear\" SIZE=10></TD></TR>"; print "</TABLE>\n"; print "</CENTER> </B><P> <CENTER> <input type=hidden name=action value=\"ns_quicksale_cc\"> <input type=hidden name=usepost value=\"1\">"; if ($confirm) { $confirm_javascript = "onClick=\"return confirm('$confirm')\""; } if ( $lang[23] =~ /^http/i ) { print "<INPUT TYPE=HIDDEN NAME=\"form_action\" VALUE=\"$lang[23]\">"; print "<INPUT TYPE=IMAGE NAME=\"\" SRC=\"$lang[23]\" VALUE=\"$lang[23]\" BORDER=0 $confirm_javascript >"; } else { print "<INPUT TYPE=submit NAME=\"form_action\" VALUE=\"$lang[23]\" $confirm_javascript >"; } print "<P> </CENTER> </FORM>\n"; &back_button; print "</FONT></BODY></HTML>"; exit; } if ( !$FORM{'form_action'} ) { &authorized_referrers; print "Content-type: text/html\n\n"; print " <HTML> <HEAD>\n"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1] - $FORM{'MerchantName'}</TITLE>\n"; } else { print "<TITLE>$lang[25] - $FORM{'MerchantName'}</TITLE>\n"; } print "\n$FORM{'meta_tag'}\n</HEAD>\n"; if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">\n"; } else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">\n"; } print "<FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">\n <FORM METHOD=post ACTION=\"$FORM{'ssl_url'}\">\n <INPUT TYPE=hidden 
NAME=\"ssl_url\" VALUE=\"$FORM{'ssl_url'}\">\n <INPUT TYPE=hidden NAME=\"mailprog\" VALUE=\"$FORM{'mailprog'}\">\n <INPUT TYPE=HIDDEN NAME=\"date_command\" VALUE=\"$FORM{'date_command'}\">\n <INPUT TYPE=HIDDEN NAME=\"append_datafile\" VALUE=\"$FORM{'append_datafile'}\">\n <INPUT TYPE=HIDDEN NAME=\"target_name\" VALUE=\"$FORM{'target_name'}\">\n <INPUT TYPE=HIDDEN NAME=\"use_state\" VALUE=\"$FORM{'use_state'}\">\n <INPUT TYPE=HIDDEN NAME=\"blat_different_temp_directory\" VALUE=\"$FORM{'blat_different_temp_directory'}\">\n <INPUT TYPE=HIDDEN NAME=\"meta_tag\" VALUE='$FORM{'meta_tag'}'>\n <INPUT TYPE=HIDDEN NAME=\"card_types\" VALUE=\"$FORM{'card_types'}\">\n <INPUT TYPE=hidden NAME=\"fulltotal\" VALUE=\"$FORM{'fulltotal'}\">\n <INPUT TYPE=hidden NAME=\"MerchantName\" VALUE=\"$FORM{'MerchantName'}\">\n <INPUT TYPE=hidden NAME=\"MerchantID\" VALUE=\"$FORM{'MerchantID'}\">\n <INPUT TYPE=hidden NAME=\"MerchantEmail\" VALUE=\"$FORM{'MerchantEmail'}\">\n <INPUT TYPE=hidden NAME=\"MerchantFont\" VALUE=\"$FORM{'MerchantFont'}\">\n <INPUT TYPE=hidden NAME=\"MerchantFontColor\" VALUE=\"$FORM{'MerchantFontColor'}\">\n <INPUT TYPE=hidden NAME=\"MerchantBgrdColor\" VALUE=\"$FORM{'MerchantBgrdColor'}\">\n <INPUT TYPE=hidden NAME=\"MerchantApprovedURL\" VALUE=\"$FORM{'MerchantApprovedURL'}\">\n <INPUT TYPE=hidden NAME=\"MerchantUnApprovedURL\" VALUE=\"$FORM{'MerchantUnApprovedURL'}\">\n <INPUT TYPE=hidden NAME=\"MerchantReturnURL\" VALUE=\"$FORM{'MerchantReturnURL'}\">\n <INPUT TYPE=hidden NAME=\"customerid\" VALUE=\"$FORM{'customerid'}\">\n <INPUT TYPE=hidden NAME=\"pgp\" VALUE='$FORM{'pgp'}'>\n <INPUT TYPE=hidden NAME=\"use_company_name_field\" VALUE='$FORM{'company'}'>\n <INPUT TYPE=hidden NAME=\"ssl_tracking_dir\" VALUE='$FORM{'ssl_tracking_dir'}'>\n"; if ($ENV{'QUERY_STRING'} eq "cybersource" ) { print "<INPUT TYPE=hidden NAME=\"cybersource\" VALUE=\"1\">\n"; } print "<H1><CENTER>$FORM{'MerchantName'}</CENTER></H1><P><H4><CENTER>\n"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print 
"$lang[1]\n"; } else { print "$lang[25]<BR>$lang[2]\n"; } print "</CENTER></H4><P> <H4><CENTER> </CENTER></H4><P> <B> <CENTER> $lang[3] $FORM{'fulltotal'} </CENTER> </B> <CENTER> <H3>$lang[4] </H3> </CENTER> <B> <CENTER> <TABLE BORDER=1> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[5] </FONT></TD><TD><INPUT name=\"BillName\" size=30 value=\"$FORM{'BillName'}\"></TD> </TR>"; if ( $FORM{'company'} ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[56] </FONT></TD><TD><INPUT name=\"company\" size=30 value=\"$FORM{'company'}\"></TD> </TR>"; } print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[6] </FONT></TD><TD><INPUT name=\"BillStreet\" size=30 value=\"$FORM{'BillStreet'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[7] </FONT></TD><TD><INPUT name=\"BillCity\" size=30 value=\"$FORM{'BillCity'}\"></TD> </TR>\n"; if ( $FORM{'use_state'} ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[8] </FONT></TD><TD><INPUT name=\"BillState\" size=30 value=\"$FORM{'BillState'}\"></TD> </TR>\n"; } if ( $lang[9] ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[9] </FONT></TD><TD><INPUT name=\"BillZip\" size=10 value=\"$FORM{'BillZip'}\"></TD> </TR>\n"; } print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[10] </FONT></TD><TD><INPUT name=\"BillCountry\" size=30 value=\"$FORM{'BillCountry'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[12] </FONT></TD><TD><INPUT name=\"BillPhone\" size=20 value=\"$FORM{'BillPhone'}\"></TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[11] </FONT></TD><TD><INPUT name=\"BillEmail\" size=30 
value=\"$FORM{'BillEmail'}\"></TD> </TR>\n"; if ( $ENV{'QUERY_STRING'} ne "check" ) { $confirm = "$lang[24]"; print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[13] </FONT></TD> <TD>\n"; if ( $visa ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"visa\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[14]</B></FONT><BR>\n"; } if ( $mastercard ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"mastercard\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[15]</B></FONT><BR>\n"; } if ( $amex ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"amex\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[16]</B></FONT><BR>\n"; } if ( $novus ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"novus\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[17]</B></FONT><BR>\n"; } if ( $dinersclub ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"dinersclub\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[18]</B></FONT><BR>\n"; } if ( $carteblanche ) { print "<INPUT TYPE=RADIO NAME=\"cardtype\" VALUE=\"carteblanche\"> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"><B>$lang[19]</B></FONT><BR>\n"; } print "</TD> </TR> <TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[20] </FONT></TD><TD><INPUT name=\"BillCreditCard\" size=30 value=\"\"></TD> </TR>\n"; if ( (($lang[18] =~ /(switch)/i) || ($lang[19] =~ /(switch)/i)) && ( $dinersclub || $carteblanche ) ) { print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[53] </FONT></TD><TD><INPUT name=\"switch\" size=30 value=\"\"></TD> </TR>\n"; } print "<TR> <TD><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[21]</FONT> </TD><TD><SELECT NAME=\"ExpirationMonth\"> <OPTION> 
01 <OPTION> 02 <OPTION> 03 <OPTION> 04 <OPTION> 05 <OPTION> 06 <OPTION> 07 <OPTION> 08 <OPTION> 09 <OPTION> 10 <OPTION> 11 <OPTION> 12 </SELECT> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[22] </FONT><SELECT NAME=\"ExpirationYear\">\n"; if ( $date =~ /\n$/ ) { chop($date); } ($trash,$trash,$trash,$trash,$year) = split(/ /,$date); for($i=0;$i<=10;$i++) { $b = $year + $i; print "<OPTION>$b\n"; } print "</SELECT></TD> </TR>\n"; } print "</TABLE>\n"; if ( $ENV{'QUERY_STRING'} eq "check" ) { &print_check_draft_info; $confirm = "$lang[33]"; } print "</CENTER> </B><P> <CENTER>\n"; if ($confirm) { $confirm_javascript = "onClick=\"return confirm('$confirm')\""; } if ( $lang[23] =~ /^http/i ) { print "<INPUT TYPE=HIDDEN NAME=\"form_action\" VALUE=\"$lang[23]\">\n"; print "<INPUT TYPE=IMAGE NAME=\"\" SRC=\"$lang[23]\" VALUE=\"$lang[23]\" BORDER=0 $confirm_javascript >\n"; } else { print "<INPUT TYPE=submit NAME=\"form_action\" VALUE=\"$lang[23]\" $confirm_javascript >\n"; } print "<P> </CENTER> </FORM>\n"; &back_button; print "</FONT></BODY></HTML>\n"; exit; } if ( $FORM{'form_action'} ) { &authorized_referrers; if ( ( !$FORM{'fulltotal'} || !$FORM{'BillName'} || !$FORM{'BillPhone'} || !$FORM{'BillStreet'} || !$FORM{'BillCity'} || !$FORM{'BillCountry'} || !$FORM{'BillEmail'} ) || ( !$FORM{'BillState'} && $FORM{'use_state'} ) || ( !$FORM{'BillZip'} && $lang[9] ) || ( !$FORM{'company'} && $FORM{'use_company_name_field'} ) || ( ($ENV{'QUERY_STRING'} ne "check") && ( !$FORM{'cardtype'} || !$FORM{'ExpirationMonth'} || !$FORM{'ExpirationYear'} || !$FORM{'BillCreditCard'} ) ) || ( ($ENV{'QUERY_STRING'} eq "check") && ( !$FORM{'bank_name'} || !$FORM{'bank_address'} || !$FORM{'bank_city'} || !$FORM{'bank_state'} || !$FORM{'bank_postal_code'} || !$FORM{'bank_phone'} || !$FORM{'check_number'} || !$FORM{'aba_number'} || !$FORM{'check_date'} || !$FORM{'routing_number'} || !$FORM{'account_number'} || !$FORM{'authorized_by'} ) ) ) { if ( $perl_redirect ) 
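{ print "Location: $FORM{'MerchantUnApprovedURL'}\n\n"; } print "Content-type: text/html\n\n"; print " <HTML> <HEAD>"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1]"; } else { print "<TITLE>$lang[25]"; } print " - $FORM{'MerchantName'}</TITLE>"; print "\n$FORM{'meta_tag'}\n</HEAD>"; if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">"; } else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">"; } print "<FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"> <H1><CENTER>$FORM{'MerchantName'}</CENTER></H1><P>"; if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<H4><CENTER>$lang[1]</CENTER></H4><P>"; } else { print "<H4><CENTER>$lang[25]</CENTER></H4><P>"; } print "<H3><CENTER>"; print "$lang[26]<BR>"; if ( $FORM{'MerchantReturnURL'} ) { print "<SCRIPT language=\"JavaScript1.2\">\n if( (parseInt( navigator.appVersion ) >= 4.5) && ( (navigator.appName!=\"Netscape\") || ( navigator.appVersion.search(/Mac/i)>=0 ) ) ) { document.write('<A HREF=\"$FORM{'MerchantReturnURL'}\">$lang[54]</A>') }\n </SCRIPT>\n"; } print" </CENTER></H3><P> </BODY></HTML>"; exit; } if ($FORM{'cybersource'}) { &cybersource; } elsif ($ENV{'QUERY_STRING'} ne "check") { &CC_Verify; } if ($FORM{'MerchantEmail'}) { $myemail = "$FORM{'MerchantEmail'}"; $myemail =~ s/ /\,/g; $myemail =~ s/\,\,/\,/g; $myemail =~ s/\,\,/\,/g; @myemail = split(/\,/,$myemail); foreach $myemail (@myemail) { &send_email('email'); } } &send_email('append_datafile') if ($FORM{'append_datafile'}); &order_tracking; &valid_cc; exit; }

# send_email(MODE)
#
# Writes the order message and hands it to the mail program or the data file.
# MODE is 'email' (called once per address in MerchantEmail, with the address
# in $myemail) or 'append_datafile'. The helpers email_headers, email_body,
# email_pgp_body, untaint and footer are defined outside this part of the
# file, as is the place where the MAIL handle is opened for the non-PGP case.
#
# When $FORM{'pgp'} is set it is split on "|" into program path, temp
# directory, key user id and PGP version. The message is written to a temp
# file, the PGP program is run on it, and the encrypted file is mailed.
#
# NOTE(review): $FORM{'pgp'}, $FORM{'mailprog'}, $FORM{'append_datafile'},
# $FORM{'MerchantEmail'} and $FORM{'blat_different_temp_directory'} are
# request fields (the payment form prints them as hidden inputs). Here they
# decide which program is executed and which files are written, made
# world-writable and deleted. The durable fix is to read these settings from
# a server-side configuration file and to ignore the submitted copies; the
# comments below mark each place that depends on them.
sub send_email {
    if ( $FORM{'pgp'} ) {
        if ( $FORM{'pgp'} =~ /\n$/ ) { chop($FORM{'pgp'}); }
        ($pgpprog,$pgptempdir,$pgpuserid,$pgpversion) = split(/\|/,$FORM{'pgp'});
        if (!-e"$pgpprog") {
            print "Content-Type: text/html\n\n";
            print "<H3>Dansie Shopping Cart configuration message. 
PGP program does not appear to exists at this location: \"$pgpprog\"<BR>Check your settings in Secure Server Variable #10</H3>";
            exit;
        }
        if (!-w"$pgptempdir") {
            print "Content-Type: text/html\n\n";
            print "<H3>Dansie Shopping Cart configuration message. The temp directory for the PGP program does not appear to be writable. \"$pgptempdir\"<BR>Check your settings in Secure Server Variable #10";
            exit;
        }

        # NOTE(review): a random number plus an existence test is neither
        # unpredictable nor atomic; File::Temp would create the file safely.
        srand;
        do { $tempfile = int(rand(99999999)); } until (!-e "$pgptempdir/$tempfile");

        # Only PGP 2.6.2 is asked whether the key exists; for every other
        # version the key is assumed to be present.
        # NOTE(review): every system() call in this sub passes one
        # interpolated string, so the shell parses $pgpprog, $pgpuserid and
        # $pgptempdir. List-form system() would avoid the shell, but user ids
        # configured with shell quoting would then need to be re-checked.
        $pgp_key_exists = 0;
        if ( $pgpversion eq "2.6.2" ) {
            system("$pgpprog +batchmode -kv $pgpuserid >$pgptempdir/$tempfile");
        }
        else {
            $pgp_key_exists = 1;
        }
        open(PGPKEY,"$pgptempdir/$tempfile");
        while(<PGPKEY>) {
            $pgp_key_exists = 1 if /^1 matching key/;
        }
        close(PGPKEY);
        unlink("$pgptempdir/$tempfile");

        srand;
        do { $tempfile = int(rand(99999999)); } until (!-e "$pgptempdir/$tempfile");
        $tempfile = $tempfile . ".txt";

        if ( $pgp_key_exists ) {
            # The plaintext order is written to the temp directory before it
            # is encrypted. The open() result is not checked, and MAIL is not
            # closed in this sub before PGP reads the file; presumably
            # email_body closes it (confirm).
            open(MAIL,">$pgptempdir/$tempfile");
            &email_body;
            if ( $pgpversion eq "5.0" ) {
                system("$pgpprog -r $pgpuserid $pgptempdir/$tempfile");
            }
            elsif ($pgpversion eq "gpg1.0") {
                system("$pgpprog -tear $pgpuserid $pgptempdir/$tempfile");
            }
            # NOTE(review): $pgp_version is never assigned (the variable set
            # above is $pgpversion), so this 6.5 branch cannot match and 6.5
            # installations run the default command below. Correcting the
            # name changes which command they run, so test before changing.
            elsif ($pgp_version =~ /^(6\.5)/) {
                system("$pgpprog -e $pgptempdir/$tempfile $pgpuserid");
            }
            else {
                system("$pgpprog +batchmode -eat $pgptempdir/$tempfile $pgpuserid");
            }

            # Look for the encrypted output under the three names PGP may
            # have used: NAME.txt.pgp, NAME.txt.asc or NAME.asc.
            $pgptempfile1 = $tempfile . ".pgp";
            $pgptempfile2 = $tempfile . ".asc";
            $pgptempfile3 = $tempfile;
            while ($pgptempfile3 =~ /\./) { chop($pgptempfile3); }
            $pgptempfile3 = $pgptempfile3 . ".asc";
            if (-e "$pgptempdir/$pgptempfile1") { $pgptempfile = "$pgptempfile1"; }
            if (-e "$pgptempdir/$pgptempfile2") { $pgptempfile = "$pgptempfile2"; }
            if (-e "$pgptempdir/$pgptempfile3") { $pgptempfile = "$pgptempfile3"; }
            if ( (!-e "$pgptempdir/$pgptempfile1") && (!-e "$pgptempdir/$pgptempfile2") && (!-e "$pgptempdir/$pgptempfile3") ) {
                print "Content-type: text/html\n\n<H3>Dansie Shopping Cart configuration message:<BR>The ssl.pl script could not detect the creation of the encrypted PGP file. Check to see that you have the correct system path to PGP set in SSV#10 and that your PGP key exists. See Secure Server Variable #10 in section 11 the <A HREF=\"http://www.dansie.net/cart_readme.html\" TARGET=\"ReadMe\">ReadMe</A> for detailed instructions.";
                print "</H3>";
                &footer;
            }
        }
        else {
            # No key on record: the card number is replaced by an explanatory
            # message before the body is written, so it is not sent in clear.
            $pgptempfile = "$tempfile";
            $FORM{'BillCreditCard'} = "$lang[51] $pgpuserid\n" . "$lang[52]\n";
            open(MAIL,">$pgptempdir/$tempfile");
            &email_body;
        }
        &email_headers;
        &email_pgp_body;
    }
    else {
        # NOTE(review): without PGP the order is mailed as email_body writes
        # it; whether that includes the card number cannot be seen here.
        &email_headers;
        &email_body;
    }

    if ( $_[0] eq "append_datafile" ) {
        # Uses Perl's builtin chmod. The original ran `chmod 777 PATH` in
        # backticks, which let a shell parse a path taken from the request.
        # NOTE(review): mode 0777 leaves the order data writable by every
        # local account; tighten it if the web server user owns the file.
        if ( -d "$FORM{'append_datafile'}" ) {
            $chmod_temp = "$FORM{'append_datafile'}/orders$FORM{'customerid'}";
            chmod 0777, $chmod_temp;
        }
        else {
            # The setting may hold two paths joined by "|". The startup check
            # tests the part before the "|", so that is the file changed here.
            my $datafile = "$FORM{'append_datafile'}";
            if ( $datafile =~ /(.+)(\|)(.+)/ ) { $datafile = $1; }
            chmod 0777, $datafile;
        }
    }

    # Windows mailers (mailprog contains a "."): the message was written to
    # the Blat/Windmail temp file, which is sent and then deleted.
    if ( ($_[0] eq "email") && ($FORM{'mailprog'} =~ /\./) ) {
        $untainted = &untaint("$FORM{'blat_different_temp_directory'}");
        $mailprog = &untaint("$FORM{'mailprog'}");
        if ( $FORM{'mailprog'} =~ /(blat\.exe)/i ) {
            # NOTE(review): pipe-open with an interpolated string runs through
            # the shell. $blat_server is not set in the visible code; the
            # "-server" words are stored in $blat_server_temp.
            open(MAIL,"|$mailprog $untainted -t $myemail -s \"$FORM{'customerid'} - $subject\" -f $myemail$blat_server -q");
            close(MAIL);
        }
        if ( $FORM{'mailprog'} =~ /(windmail\.exe)/i ) {
            system("\"$FORM{'mailprog'}\" -t -t -n $untainted");
        }
        # NOTE(review): the deleted path comes from a request field unless
        # $blat_different_temp_directory is configured.
        unlink("$untainted");
    }

    # Remove the plaintext temp file and the encrypted copy.
    if ( $FORM{'pgp'} ) {
        $pgptemp1 = &untaint("$pgptempdir/$tempfile");
        $pgptemp2 = &untaint("$pgptempdir/$pgptempfile");
        unlink("$pgptemp1");
        unlink("$pgptemp2");
    }
}
sub CC_Verify { if ( $date =~ /\n$/ ) { chop($date); } ($trash,$trash,$trash,$trash,$year) = split(/ /,$date); if ( 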
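$FORM{'ExpirationYear'} < $year ) {
        # Completes the `if (` that sub CC_Verify opens at the end of the
        # preceding line: a card whose expiration year is before $year is
        # rejected (invalid_cc prints the rejection page and exits).
        &invalid_cc;
    }

    # Same year: reject when the submitted month is earlier than $month.
    # NOTE(review): get_date fills $month from localtime's month field, which
    # counts from 0.  If the order form submits months as 1-12 (not visible
    # here), a card that expired last month still passes -- confirm.
    if ( ( $FORM{'ExpirationYear'} == $year ) && ( $FORM{'ExpirationMonth'} < $month ) ) {
        &invalid_cc;
    }

    # Strip spaces and dashes from the submitted number, then require digits.
    $cardnumber = $FORM{'BillCreditCard'};
    $cardnumber =~ s/ //g;
    $cardnumber =~ s/-//g;
    $length = length($cardnumber);
    # NOTE(review): the pattern also accepts an empty string; only the length
    # checks below reject it, and they run only for the four types listed.
    if (!($cardnumber =~ /^[0-9]*$/)) { &invalid_cc; }

    # Length check per card type.  Any other cardtype value skips both the
    # length check and the checksum further down.
    if ($FORM{'cardtype'} eq "visa") { &vlen; }
    if ($FORM{'cardtype'} eq "mastercard") { &mclen; }
    if ($FORM{'cardtype'} eq "amex") { &alen; }
    if ($FORM{'cardtype'} eq "novus") { &nlen; }

    # Named subs are package-level in Perl even when written inside another
    # sub's braces; these helpers read the globals $length and $cardnumber.
    sub vlen { &invalid_cc unless (($length ==13) || ($length == 16)); }
    sub mclen { &invalid_cc unless ($length == 16); }
    sub alen { &invalid_cc unless ($length == 15); }
    sub nlen { &invalid_cc unless ($length == 16); }

    # Checksum per card type.
    if ($FORM{'cardtype'} eq "visa") { &vver; }
    if ($FORM{'cardtype'} eq "mastercard") { &ver16; }
    if ($FORM{'cardtype'} eq "amex") { &ver15; }
    if ($FORM{'cardtype'} eq "novus") { &ver16; }

    # Visa numbers are checked with the routine matching their length.
    sub vver {
        if ($length == 13) { &ver13; }
        if ($length == 16) { &ver16; }
    }

    # Luhn total of the first $count characters of $number: counting leftwards
    # from the last digit, every second digit is doubled and the decimal
    # digits of the doubled value are added (same digits the unrolled
    # ver13/ver15/ver16 code doubled).  Missing characters count as 0.
    sub _luhn_total {
        my ($number, $count) = @_;
        my $total = 0;
        for my $i (0 .. $count - 1) {
            my $digit = substr($number, $i, 1);
            $digit = 0 if !defined($digit) || $digit eq "";
            if ( ($count - 1 - $i) % 2 ) {
                $digit *= 2;
                $digit -= 9 if $digit >= 10;    # 1 + (doubled - 10)
            }
            $total += $digit;
        }
        return $total;
    }

    # The three routines below reject the card unless the Luhn total is a
    # multiple of 10.  The earlier code tested substr($val,1,1), the SECOND
    # character of the total: that is the units digit only for totals 10-99.
    # A total below 10 produced an empty string (always accepted) and a total
    # of 100 or more tested the tens digit.  $val still receives the total;
    # the per-digit scratch globals ($cc0 .. $cc15 and their a/b/c variants)
    # are no longer assigned.
    sub ver13 {
        $val = _luhn_total($cardnumber, 13);
        if ( $val % 10 != 0 ) { &invalid_cc; }
    }

    sub ver16 {
        $val = _luhn_total($cardnumber, 16);
        if ( $val % 10 != 0 ) { &invalid_cc; }
    }

    sub ver15 {
        $val = _luhn_total($cardnumber, 15);
        if ( $val % 10 != 0 ) { &invalid_cc; }
    }
}

# Print the "approved" page, which meta-refreshes to MerchantApprovedURL, and
# exit.  When $perl_redirect is set a Location header and blank line are
# printed first; the Content-type line and HTML that follow then form the body.
# NOTE(review): %FORM is filled outside this view, presumably from request
# fields.  Its values are written into a response header and into HTML
# attributes and text without encoding, so a value containing a line break
# adds header lines and one containing quotes or angle brackets changes the
# markup; the redirect target is not checked against an allow-list.
sub valid_cc {
    if ( $perl_redirect ) { print "Location: $FORM{'MerchantApprovedURL'}\n\n"; }
    print "Content-type: text/html\n\n";
    print " <HTML> <HEAD>";
    if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1]"; }
    else { print "<TITLE>$lang[25]"; }
    print " - $FORM{'MerchantName'}</TITLE>";
    # meta_tag is emitted as raw markup.
    print "<META HTTP-EQUIV=REFRESH CONTENT=0;URL=$FORM{'MerchantApprovedURL'}> \n$FORM{'meta_tag'}\n</HEAD>";
    # A MerchantBgrdColor beginning with "http" is used as a background image.
    if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">"; }
    else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">"; }
    print "<H4> <CENTER> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">";
    # Message depends on card vs. "check" orders and on whether HTTPS is on.
    if ( $ENV{'QUERY_STRING'} ne "check" ) {
        if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "$lang[27]"; }
        else { print "$lang[30]"; }
    }
    else {
        if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "$lang[49]"; }
        else { print "$lang[50]"; }
    }
    print "<BR><BR><A HREF=\"$FORM{'MerchantApprovedURL'}\"><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[31]</FONT></A>";
    print "</FONT> </CENTER> </H4> </BODY></HTML>";
    exit;
}

# Print the "not approved" page, which meta-refreshes to
# MerchantUnApprovedURL, and exit.  Called by the card checks above.
# NOTE(review): same unencoded use of %FORM values in a header and in HTML as
# in valid_cc.
sub invalid_cc {
    if ( $perl_redirect ) { print "Location: $FORM{'MerchantUnApprovedURL'}\n\n"; }
    print "Content-type: text/html\n\n";
    print " <HTML> <HEAD>";
    if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1]"; }
    else { print "<TITLE>$lang[25]"; }
    print " - $FORM{'MerchantName'}</TITLE>";
    print "<META HTTP-EQUIV=REFRESH CONTENT=0;URL=$FORM{'MerchantUnApprovedURL'}> \n$FORM{'meta_tag'}\n</HEAD>";
    if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">"; }
    else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">"; }
    print "<H4> <CENTER> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\"> $lang[28]";
    print "<BR><BR><A HREF=\"$FORM{'MerchantUnApprovedURL'}\"><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">$lang[31]</FONT></A>";
    print "</FONT> </CENTER> </H4> </BODY></HTML>";
    exit;
}

# Print the "CGI Alert" page and exit.  Also clears the global $value.
sub kill_input {
    print "Content-type: text/html\n\n";
    $value = "";
    print "<CENTER><H1><FONT COLOR=\"\#FF0000\">CGI Alert</FONT></H1></CENTER>\n";
    print "<CENTER><H3>It appears as though you've tried to execute a system command via a SSI tag or shell metacharacter. Please use your <B>Back</B> button, remove the tags or characters and re-submit. Thanks! </H3></CENTER>\n";
    exit;
}

# Return the text captured by /^(.+)$/ from the first argument, or "" when the
# argument is empty or does not match (for example when it contains an
# embedded newline).  The result is also left in the global $a.
# Fix: a failed match used to copy a stale $1 -- the capture of whichever
# regex had matched last -- into the result; it now yields "".
# NOTE(review): the pattern validates nothing.  Every single-line value passes
# through unchanged, so the result must not be treated as safe for a shell
# command line or a file path; each caller needs an allow-list of its own.
sub untaint {
    if ( defined $_[0] && $_[0] =~ /^(.+)$/ ) { $a = $1; }
    else { $a = ""; }
    return $a;
}

# Build and return a date string of the form "Wdy Mon DD HH:MM:SS YYYY" from
# localtime.  Side effects: fills the globals @date, $month and
# $Cookie_Exp_Date.  $month keeps localtime's zero-based month, zero-padded.
sub get_date {
    @date = localtime(time);
    # Zero-pad every field below 10; the loop variable aliases @date.
    foreach (@date) {
        if ( $_ < 10 ) { $_ = "0" . $_; }
    }
    $month = $date[4];
    # Bareword lists: these only parse because the script runs without strict.
    $date[4] = (Jan,Feb,Mar,Apr,May,Jun,Jul,Aug,Sep,Oct,Nov,Dec)[$date[4]];
    $date[6] = (Sun,Mon,Tue,Wed,Thu,Fri,Sat)[$date[6]];
    # Two-digit years get a century prefix; values from 100 up are taken as
    # years since 1900.  A value of 99 becomes "1999" here and then also
    # satisfies the second test below.
    if ( $date[5] < 100 ) {
        if ( $date[5] > 98 ) { $date[5] = "19" . "$date[5]"; }
        else { $date[5] = "20" . "$date[5]"; }
    }
    if ( ( $date[5] >= 100 ) && ( $date[5] < 2000 ) ) { $date[5] += 1900; }
    $Cookie_Exp_Date = "$date[6] $date[4] $date[3] $date[2]:$date[1]:$date[0] $date[5]";
    return $Cookie_Exp_Date;
}

# Print the contact/version footer, close the HTML document and exit.
sub footer {
    print "<H3>Comments, Questions, Suggestions: <A HREF=\"mailto:cart\@dansie.net\">cart\@dansie.net</A></H3> <BR> <FONT SIZE=-1> ssl.pl $version<BR> 5/22/98<BR> Dansie Shopping Cart<BR> <A HREF=\"http://www.dansie.net\">http://www.dansie.net</A><BR> </FONT> </BODY> </HTML>";
    exit;
}

# Print the bank-draft ("check") input table.  check_wp is used as a
# background image when it begins with "http", otherwise as a colour.
# NOTE(review): check_wp, check_draft_image, MerchantFont, MerchantFontColor
# and fulltotal are written into the markup without HTML encoding.
sub print_check_draft_info {
    if ( $FORM{'check_wp'} =~ /^(http)/i ) { $check_bg = "BACKGROUND=\"$FORM{'check_wp'}\""; }
    else { $check_bg = "BGCOLOR=\"$FORM{'check_wp'}\""; }
    if ( $FORM{'check_draft_image'} ) { print "\n<BR><IMG SRC=\"$FORM{'check_draft_image'}\"><BR>\n"; }
    print "\n<BR><TABLE BORDER=0 ALIGN=CENTER $check_bg CELLSPACING=0> <TR> <TD><BR></TD><TD><BR></TD><TD><BR></TD> </TR> <TR> <TD VALIGN=TOP> <FONT COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[38]<BR> <INPUT TYPE=TEXT SIZE=25 MAXLENGTH=40 NAME=\"bank_name\" > <BR> $lang[39] <BR> <INPUT TYPE=TEXT SIZE=25 MAXLENGTH=40 NAME=\"bank_address\" > <BR> $lang[40]<BR> <INPUT TYPE=TEXT SIZE=20 MAXLENGTH=30 NAME=\"bank_city\" > <INPUT TYPE=TEXT SIZE=5 MAXLENGTH=20 NAME=\"bank_state\" > <INPUT TYPE=TEXT SIZE=10 MAXLENGTH=20 NAME=\"bank_postal_code\" 
> <BR> $lang[43] <BR> <INPUT TYPE=TEXT SIZE=15 MAXLENGTH=20 NAME=\"bank_phone\" > </TD> <TD ROWSPAN=2> </TD> <TD ALIGN=RIGHT VALIGN=TOP > <FONT COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[34]<BR> <INPUT TYPE=TEXT SIZE=8 MAXLENGTH=10 NAME=\"check_number\" > <BR> $lang[46]<BR> <INPUT TYPE=TEXT SIZE=20 MAXLENGTH=20 NAME=\"aba_number\" > <BR> $lang[35]<BR> <INPUT TYPE=TEXT SIZE=20 MAXLENGTH=40 NAME=\"check_date\" VALUE=\"$date\"> </FONT><BR> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[36]<BR> <TABLE BORDER=1 BGCOLOR=\"#FFFFFF\" CELLSPACING=0><TR BGCOLOR=\"#FFFFFF\"><TD BGCOLOR=\"#FFFFFF\"><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"#000000\" SIZE=\"$check_font_size\"> $FORM{'fulltotal'}</FONT></TD></TR></TABLE> <BR> </FONT> </TD> </TR> <TR> <TD VALIGN=BOTTOM> <TABLE BORDER=0 CELLSPACING=0 > <TR> <TD> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[44] </FONT> </TD> <TD> <FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[45] </FONT> </TD> </TR> <TR> <TD> <FONT COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> <B>|:</B> <INPUT TYPE=TEXT SIZE=15 MAXLENGTH=9 NAME=\"routing_number\"> <B>|:</B> </FONT> </TD> <TD> <FONT COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> <INPUT TYPE=TEXT SIZE=15 MAXLENGTH=20 NAME=\"account_number\"> <B>||'</B> </FONT> </TD> </TR> </TABLE> </FONT> </TD> <TD ALIGN=RIGHT > <FONT COLOR=\"$FORM{'MerchantFontColor'}\" SIZE=\"$check_font_size\"> $lang[37]<BR> <INPUT TYPE=TEXT SIZE=20 MAXLENGTH=30 NAME=\"authorized_by\" > </FONT> </TD> </TR> </TABLE>";
}

# Print a form button leading back to MerchantReturnURL, when one was given.
# The form uses POST if the URL contains a "?" with text on both sides,
# otherwise GET.  (The sub continues on the following line.)
sub back_button {
    if ( $FORM{'MerchantReturnURL'} ) {
        if ( $FORM{'MerchantReturnURL'} =~ /(.+)(\?)(.+)/ ) { $back_method = "POST"; }
        else { $back_method = "GET"; }
        print "<CENTER> <FORM METHOD=$back_method ACTION=\"$FORM{'MerchantReturnURL'}\" TARGET=\"_top\">\n";
        if (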
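$lang[32] =~ /^http/i ) {
            # Completes the `if (` that sub back_button opens at the end of
            # the preceding line: a $lang[32] beginning with "http" is used
            # as the source of an image button, otherwise as a button label.
            print "<INPUT TYPE=IMAGE NAME=\"\" SRC=\"$lang[32]\" VALUE=\"$lang[32]\" BORDER=0>";
        }
        else {
            print "<INPUT TYPE=submit VALUE=\"$lang[32]\">\n";
        }
        print "</FORM> </CENTER>\n";
    }
}

# Open the global MAIL handle and write the message headers.
#   $_[0] eq "append_datafile" -- append to the order datafile
#   $_[0] eq "email"           -- write to a temp file (a mailprog containing
#                                 ".") or pipe to the mail program
# Callers visible in this file invoke it as `&email_headers;`, which passes
# the caller's own @_ through.
#
# Changes in this version:
#   * the two file opens use three-argument open (Perl 5.6+), so the path is
#     never parsed for a mode or handle prefix;
#   * the third Subject line had a line break inside the string literal right
#     after "Subject: "; it now matches the two sibling lines.
#
# NOTE(review), left as is because a fix needs configuration that is not
# visible here:
#   * mailprog, the datafile path and the temp path all come from %FORM,
#     which is presumably request data; mailprog is passed to the shell by
#     the pipe opens below.  These values belong in server-side settings.
#   * BillName, BillEmail, customerid and MerchantName go into header lines
#     without removing CR/LF.
#   * none of the opens except the last checks for failure.
sub email_headers {
    if ( $_[0] eq "append_datafile" ) {
        # Keep only the text before a "|" in the datafile path.
        if ( $FORM{'append_datafile'} =~ /(.+)(\|)(.+)/ ) { $FORM{'append_datafile'} = $1; }
        # A directory gets a per-customer file name appended.
        if (-d "$FORM{'append_datafile'}") {
            $FORM{'append_datafile'} = "$FORM{'append_datafile'}/orders$FORM{'customerid'}" . ".$extension";
        }
        open (MAIL, '>>', $FORM{'append_datafile'});
        print MAIL "Date: $date\n";
        print MAIL "To: $FORM{'MerchantName'} <$myemail>\n";
        print MAIL "From: $FORM{'BillName'} <$FORM{'BillEmail'}>\n";
        print MAIL "Subject: $FORM{'customerid'} - $subject\n\n";
    }
    if ( $_[0] eq "email" ) {
        if ( $FORM{'mailprog'} =~ /\./ ) {
            # Split an optional "-server NAME" suffix off the program path.
            if ( $FORM{'mailprog'} =~ /(-server)/ ) {
                ($FORM{'mailprog'},$blat_server) = split(/-server/,$FORM{'mailprog'});
                $FORM{'mailprog'} =~ s/ //g;
                $blat_server =~ s/ //g;
                $blat_server = " -server \"$blat_server\"";
            }
            # The message is written to this path first.
            $untainted = &untaint("$FORM{'blat_different_temp_directory'}");
            open (MAIL, '>', $untainted);
        }
        elsif ( $FORM{'mailprog'} ) {
            # Cut $myemail back until it has no space, then blank it unless
            # it looks like x@y.z.
            while($myemail =~ / /) { chop($myemail); }
            if ($myemail !~ /^(.+)(\@)(.+)(\.)(.+)$/) { $myemail = ""; }
            if ( $FORM{'mailprog'} eq "windmail -t" ) { open (MAIL, "|$FORM{'mailprog'}"); }
            elsif ( $FORM{'mailprog'} =~ /(cgimail)$/ ) { open (MAIL, "|$FORM{'mailprog'}"); }
            else { open (MAIL, "|$FORM{'mailprog'} $myemail") || die "Can't open $FORM{'mailprog'}!\n"; }
        }
        $FORM{'MerchantName'} =~ s/\,//g;
        $FORM{'BillName'} =~ s/\,//g;
        if ( ( $FORM{'mailprog'} !~ /\./ ) && ( $FORM{'mailprog'} ne "windmail -t" ) ) {
            print MAIL "To: $FORM{'MerchantName'} <$myemail>\n";
            print MAIL "From: $FORM{'BillName'} <$FORM{'BillEmail'}>\n";
            print MAIL "Subject: $FORM{'customerid'} - $subject\n\n";
        }
        if ( ($FORM{'mailprog'} =~ /(windmail\.exe)/i) || ( $FORM{'mailprog'} eq "windmail -t" ) ) {
            print MAIL "To: $myemail\n";
            print MAIL "From: $FORM{'BillEmail'}\n";
            print MAIL "Subject: $FORM{'customerid'} - $subject\n\n";
        }
    }
}

# Write the order details to the already-open MAIL handle and close it.
# Card orders get expiration date, card type and card number; "check" orders
# (QUERY_STRING eq "check") get the bank-draft fields.
# NOTE(review): BillCreditCard and the bank account fields are written exactly
# as %FORM holds them at this point; wherever MAIL leads (mail program,
# datafile or temp file) then holds that payment data.
sub email_body {
    print MAIL "$lang[3] $FORM{'fulltotal'}\n";
    print MAIL "$lang[5] $FORM{'BillName'}\n";
    print MAIL "$lang[56] $FORM{'company'}\n" if ($FORM{'use_company_name_field'});
    print MAIL "$lang[6] $FORM{'BillStreet'}\n";
    print MAIL "$lang[7] $FORM{'BillCity'}\n";
    print MAIL "$lang[8] $FORM{'BillState'}\n" if ($lang[8]);
    print MAIL "$lang[9] $FORM{'BillZip'}\n" if ($lang[9]);
    print MAIL "$lang[10] $FORM{'BillCountry'}\n";
    print MAIL "$lang[12] $FORM{'BillPhone'}\n";
    print MAIL "$lang[11] $FORM{'BillEmail'}\n";
    print MAIL "$lang[41] $FORM{'customerid'}\n";
    print MAIL "$lang[47] $ENV{'REMOTE_HOST'}\n";
    print MAIL "$lang[48] $ENV{'REMOTE_ADDR'}\n";
    if ( $ENV{'QUERY_STRING'} ne "check" ) {
        print MAIL "$lang[21] $FORM{'ExpirationMonth'}\n";
        print MAIL "$lang[22] $FORM{'ExpirationYear'}\n";
        print MAIL "$lang[13] $cardtype\n";
        print MAIL "$lang[20] $FORM{'BillCreditCard'}\n";
        print MAIL "$lang[53] $FORM{'switch'}\n" if ($FORM{'switch'});
    }
    else {
        print MAIL "\n$lang[38] $FORM{'bank_name'}\n";
        print MAIL "$lang[39] $FORM{'bank_address'}\n";
        print MAIL "$lang[40] $FORM{'bank_city'}, $FORM{'bank_state'} $FORM{'bank_postal_code'}\n";
        print MAIL "$lang[43] $FORM{'bank_phone'}\n";
        print MAIL "$lang[34] $FORM{'check_number'}\n";
        print MAIL "$lang[46] $FORM{'aba_number'}\n";
        print MAIL "$lang[35] $FORM{'check_date'}\n";
        print MAIL "$lang[44] $FORM{'routing_number'}\n";
        print MAIL "$lang[45] $FORM{'account_number'}\n";
        print MAIL "$lang[37] $FORM{'authorized_by'}\n";
    }
    # Separator between records when appending to a datafile.
    if ( $FORM{'append_datafile'} ) { print MAIL "\n################################################\n\n"; }
    # A line holding a single "." follows the message for "windmail -t".
    if ( $FORM{'mailprog'} eq "windmail -t" ) { print MAIL ".\n"; }
    close (MAIL);
}

# Copy the encrypted file $pgptempdir/$pgptempfile to MAIL and close MAIL.
# The file is opened with three-argument open so its name is only ever read
# as a path.
sub email_pgp_body {
    open(FILE, '<', "$pgptempdir/$pgptempfile");
    binmode(FILE);
    binmode(MAIL);
    @pgplines=<FILE>;
    close(FILE);
    foreach (@pgplines) { print MAIL "$_"; }
    close(MAIL);
}

# Referer gate; runs only when $authorized_referrers is set.  (The sub
# continues on the following line.)
sub authorized_referrers {
    if ($authorized_referrers) {
        $http_referer = "$ENV{'HTTP_REFERER'}";
        $http_referer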
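=~ s/(http:\/\/)//i;    # applies to $http_referer, named at the end of the preceding line (sub authorized_referrers)
        $http_referer =~ s/(https:\/\/)//i;
        # Cut from the end until no "/" is left, which leaves the host part.
        while ( $http_referer =~ /\// ) { chop($http_referer); }
        $pass_through = 0;
        # Each configured entry is matched as literal text (\Q..\E); before,
        # the entry was compiled as a regex, so "." matched any character.
        # NOTE(review): the match is still an unanchored substring test, the
        # loop reads the array @authorized_referrers while the guard tests the
        # scalar of the same name (the split is not visible here), and the
        # Referer header is chosen by the client, so this gate is not access
        # control.
        foreach (@authorized_referrers) {
            if ( $http_referer =~ /\Q$_\E/ ) { $pass_through = 1; }
        }
        if (!$pass_through) {
            print "Content-type: text/html\n\n";
            print "<HTML><HEAD>";
            if ( $ENV{'HTTPS'} =~ /(on)/i ) { print "<TITLE>$lang[1]"; }
            else { print "<TITLE>$lang[25]"; }
            print " - $FORM{'MerchantName'}</TITLE>";
            if ( $FORM{'MerchantBgrdColor'} =~ /^(http)/ ) { print "<BODY BGCOLOR=\"#FFFFFF\" BACKGROUND=\"$FORM{'MerchantBgrdColor'}\">"; }
            else { print "<BODY BGCOLOR=\"$FORM{'MerchantBgrdColor'}\">"; }
            print "<H4><CENTER><FONT FACE=\"$FORM{'MerchantFont'}\" COLOR=\"$FORM{'MerchantFontColor'}\">";
            # The rejected Referer is echoed back; it is HTML-encoded first
            # because the header is client-controlled.  The %FORM values above
            # are still written unencoded.
            my $shown_referer = defined $ENV{'HTTP_REFERER'} ? $ENV{'HTTP_REFERER'} : "";
            $shown_referer =~ s/&/&amp;/g;
            $shown_referer =~ s/</&lt;/g;
            $shown_referer =~ s/>/&gt;/g;
            $shown_referer =~ s/"/&quot;/g;
            print "<BR>$lang[55]<BR><BR>$shown_referer";
            print "</FONT></CENTER></H4></BODY></HTML>";
            exit;
        }
    }
}

# Append one delimiter-separated record for this order to the file named by
# ssl_tracking_dir.  Fields 19 onward hold card data for card orders and
# bank-draft data for "check" orders.  $tracking[6], [7], [8] and [10] are
# printed but not assigned in this sub.
# NOTE(review): the card number or bank account number is stored as %FORM
# holds it, the path comes from %FORM, and the open is not checked.  The open
# uses three-argument form so the path is never parsed for a mode prefix.
sub order_tracking {
    if ($FORM{'ssl_tracking_dir'}) {
        $tracking[1] = "$FORM{'customerid'}";
        $tracking[2] = "$FORM{'BillName'}";
        $tracking[3] = "$FORM{'BillEmail'}";
        $tracking[4] = "$FORM{'BillPhone'}";
        $tracking[5] = "$FORM{'fulltotal'}";
        $tracking[9] = "$date";
        $tracking[11] = "$FORM{'BillStreet'}";
        $tracking[12] = "$FORM{'BillCity'}";
        $tracking[13] = "$FORM{'BillState'}";
        $tracking[14] = "$FORM{'BillZip'}";
        $tracking[15] = "$FORM{'BillCountry'}";
        $tracking[16] = "$subject";
        $tracking[17] = "$ENV{'REMOTE_HOST'}";
        $tracking[18] = "$ENV{'REMOTE_ADDR'}";
        if ( $ENV{'QUERY_STRING'} ne "check" ) {
            $tracking[19] = "$FORM{'ExpirationMonth'}";
            $tracking[20] = "$FORM{'ExpirationYear'}";
            $tracking[21] = "$cardtype";
            $tracking[22] = "$FORM{'BillCreditCard'}";
            $tracking[23] = "$FORM{'switch'}";
        }
        else {
            $tracking[19] = "$FORM{'bank_name'}";
            $tracking[20] = "$FORM{'bank_address'}";
            $tracking[21] = "$FORM{'bank_city'}";
            $tracking[22] = "$FORM{'bank_state'}";
            $tracking[23] = "$FORM{'bank_postal_code'}";
            $tracking[24] = "$FORM{'bank_phone'}";
            $tracking[25] = "$FORM{'check_number'}";
            $tracking[26] = "$FORM{'aba_number'}";
            $tracking[27] = "$FORM{'check_date'}";
            $tracking[28] = "$FORM{'routing_number'}";
            $tracking[29] = "$FORM{'account_number'}";
            $tracking[30] = "$FORM{'authorized_by'}";
        }
        open(TRACKING, '>>', $FORM{'ssl_tracking_dir'});
        print TRACKING "$tracking[1]$delimiter$tracking[2]$delimiter$tracking[3]$delimiter$tracking[4]$delimiter$tracking[5]$delimiter$tracking[6]$delimiter$tracking[7]$delimiter$tracking[8]$delimiter$tracking[9]$delimiter$tracking[10]$delimiter$tracking[11]$delimiter$tracking[12]$delimiter$tracking[13]$delimiter$tracking[14]$delimiter$tracking[15]$delimiter$tracking[16]$delimiter$tracking[17]$delimiter$tracking[18]$delimiter$tracking[19]$delimiter$tracking[20]$delimiter$tracking[21]$delimiter$tracking[22]";
        if ( $ENV{'QUERY_STRING'} ne "check" && ($FORM{'switch'}) ) { print TRACKING "$delimiter$tracking[23]"; }
        if ( $ENV{'QUERY_STRING'} eq "check" ) {
            print TRACKING "$delimiter$tracking[23]$delimiter$tracking[24]$delimiter$tracking[25]$delimiter$tracking[26]$delimiter$tracking[27]$delimiter$tracking[28]$delimiter$tracking[29]$delimiter$tracking[30]";
        }
        print TRACKING "\n";
        close(TRACKING);
    }
}

# Diagnostic pages selected by the query string: "env", "path", "lang" and
# "write_test".  (The sub continues on the following lines.)
#
# The file header documents $disable_diagnostics as the switch that turns off
# ?env and ?path.  The caller is outside this view and may already test it;
# testing it here as well makes the switch effective either way.  With the
# default of 0 nothing changes.
sub diagnostics {
    # ?env: dump every environment variable, the Perl version and mailprog.
    # Values are HTML-encoded because several come from request headers.
    # NOTE(review): this page shows server paths and software versions to
    # whoever requests it; keep $disable_diagnostics set in production.
    if ( !$disable_diagnostics && $ENV{'QUERY_STRING'} eq "env" ) {
        print "Content-type: text/html\n\n";
        print "<STRONG>\%ENV Environment variables:</STRONG><BR><BR>";
        foreach $key (sort { $a cmp $b } keys %ENV ) {
            my $shown = "$key = $ENV{$key}";
            $shown =~ s/&/&amp;/g;
            $shown =~ s/</&lt;/g;
            $shown =~ s/>/&gt;/g;
            print "$shown<br>\n";
        }
        print "Perl Version: $]<BR>\n";
        print "Sendmail?: $FORM{'mailprog'}<BR>\n";
        exit;
    }
    # ?path: work out the directory that holds this script.
    if ( !$disable_diagnostics && (!$vars_security) && ($ENV{'QUERY_STRING'} eq "path") ) {
        if ($ENV{'PATH_TRANSLATED'} || $ENV{'OS'}) {
            if ($ENV{'PATH_TRANSLATED'}) {
                $windows_path = $ENV{'PATH_TRANSLATED'};
                $windows_path = $ENV{'PATH_TRANSLATED'};
            }
            if ($ENV{'DOCUMENT_ROOT'}) {
                $temp = "$ENV{'DOCUMENT_ROOT'}";
                # Drop trailing "\", "|" or "/" characters.
                while ($temp =~ /[\\|\/]$/) { chop($temp); }
                # If root + script name does not exist, drop the last path
                # component of the root and use that instead.
                if (!-e "$temp$ENV{'SCRIPT_NAME'}") {
                    $a = "";
                    until ($a eq "/" || $a eq "\\" || $temp eq "") { $a = chop($temp); }
                }
                $windows_path = "$temp$ENV{'SCRIPT_NAME'}";
                $windows_path = "$temp$ENV{'SCRIPT_NAME'}";
            }
            $windows_path =~ s/\\/\//g;
            $a = "";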
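until ( !$windows_path || $a eq "/" ) { $a = chop($windows_path); }    # sub diagnostics, ?path branch: cut the file name off, leaving the directory
            if (!-e "$windows_path") { $windows_path = "I don't know the system path. Ask your host. =)"; }
        }
        # Servers that set DOCUMENT_ROOT but not OS: ask the shell for the
        # working directory, then fall back to environment values.
        # NOTE(review): the output of `pwd` keeps its trailing newline (there
        # is no chomp), so the first -e test is made on a name ending in a
        # newline.
        if ($ENV{'DOCUMENT_ROOT'} && !$ENV{'OS'}) {
            $path = `pwd`;
            if (!-e "$path") { $path = "$ENV{'DOCUMENT_ROOT'}$ENV{'SCRIPT_NAME'}"; }
            if (!-e "$path") { $path = "$ENV{'SCRIPT_FILENAME'}"; }
            $a = "";
            until ( !$path || $a eq "/" ) { $a = chop($path); }
            if (!-e "$path") { $path = "I don't know the system path. Ask your host. =)"; }
        }
        # Neither DOCUMENT_ROOT nor OS: take PATH up to its first ";".
        if (!$ENV{'DOCUMENT_ROOT'} && !$ENV{'OS'} ) {
            $windows_95_path = "$ENV{'PATH'}";
            while ( $windows_95_path =~ /;/ ) { chop($windows_95_path); }
            $windows_95_path .= "$ENV{'SCRIPT_NAME'}";
            $windows_95_path =~ s/\\/\//g;
            $a = "";
            until ( !$windows_95_path || $a eq "/" ) { $a = chop($windows_95_path); }
            if (!-e "$windows_95_path") { $windows_95_path = "I don't know the system path. Ask your host. =)"; }
        }
        # NOTE(review): this page prints server file-system paths to whoever
        # requests it.
        print "Content-type: text/html\n\n";
        print "$path<BR>";
        print "$windows_path<BR>";
        print "$windows_95_path<BR>";
        if ($vars_variable_set) { print "You have set \$vars to: \"$vars_variable_set\""; }
        exit;
    }
    # ?lang: list the language strings with their index numbers.
    if ($ENV{'QUERY_STRING'} eq "lang" ) {
        print "Content-type: text/html\n\n";
        print "<STRONG>Language variables:</STRONG><BR><BR>";
        $n = 0;
        foreach $lang (@lang) {
            # Show markup in the strings as text.  As found, the substitution
            # replaced "<" with itself and so did nothing; presumably the
            # entity was lost when the file was rendered.
            $lang =~ s/</&lt;/g;
            print "$n -->$lang<BR>\n";
            $n++;
        }
        exit;
    }
    # ?write_test: append a line to test.txt in the Blat/Windmail temp
    # directory and show the file, so repeated requests reveal whether the
    # directory is writable.
    # NOTE(review): every request grows the file, and neither open is checked.
    # $path2 is not assigned anywhere in the visible code, so the second read
    # opens an empty name and @lines2 is never used.
    if ( $ENV{'QUERY_STRING'} =~ /^write_test/i && $blat_different_temp_directory ) {
        $path1 = "$blat_different_temp_directory/test.txt";
        open(FILE,">>$path1");
        print FILE "testing... 
\n";
        close(FILE);
        print "Content-type: text/html\n\n";
        print "<B>Blat/Windmail temp directory write permissions test:</B><BR>";
        open(FILE,"$path1");
        @lines = <FILE>;
        close(FILE);
        open(FILE,"$path2");
        @lines2 = <FILE>;
        close(FILE);
        print "<TABLE BORDER=1> <TR><TD>System Path:</TD><TD>$path1</TD></TR> <TR><TD>Writable?</TD><TD>@lines </TD></TR> </TABLE><BR>";
        print "Are the contents of the above table growing or changing as you click the RELOAD/REFRESH button at the top of your browser? If not then permissions are not set as writable. If you don't know how to set the permissions, send your host the URL to this page and ask your them to set permissions for you on this directory and file so the cart.pl script can write to them.";
        &footer;
    }
}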