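#!/usr/bin/perl -T
# Order-form CGI handler.
#
# Flow: notify the shop that a form was submitted, append request metadata to
# the order text, encrypt it with gpg into a per-day numbered file, mail the
# ciphertext to the shop, mail a receipt to the customer, then emit the
# success page.
#
# All three form fields (order, email, totals) are attacker-controlled. The
# customer address ends up in mail headers fed to "sendmail -t", so it is
# validated against a strict pattern before use; an embedded newline would
# otherwise let a submitter add arbitrary headers/recipients.
use strict;
use warnings;

# NOTE(review): fatalsToBrowser shows die() text (paths, commands) to the
# visitor. It is a debugging aid; consider dropping it on the live site.
use CGI::Carp qw(fatalsToBrowser);
use CGI qw/:standard/;            # form parsing and HTTP helpers
use Fcntl qw(:DEFAULT :flock);    # :DEFAULT supplies O_RDWR/O_CREAT/O_EXCL, :flock supplies LOCK_EX

$CGI::POST_MAX        = 10240;    # limit data to 10k
$CGI::DISABLE_UPLOADS = 1;        # prevent file uploads with this script

# Taint mode refuses to spawn children with an inherited environment. PATH is
# a directory list (the original assigned a sendmail command line to it).
$ENV{PATH} = '/usr/sbin:/usr/bin:/bin';
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# A mail/gpg child that exits early must not kill the script mid-order; write
# failures are detected through the close() status instead.
$SIG{PIPE} = 'IGNORE';

my $SENDMAIL   = '/usr/sbin/sendmail';
my $ERROR_PAGE = '/Order_error.php';

my $serv = env_or_empty('SERVER_NAME');
my $ip   = env_or_empty('REMOTE_ADDR');
my $brow = env_or_empty('HTTP_USER_AGENT');
my $ref  = env_or_empty('HTTP_REFERER');

my $text   = param("order");     # The text of the order hopefully
my $email  = param("email");     # The address for confirmation hopefully
my $totals = param("totals");    # The order totals

# Sends us an email with the customer's email in case an order somehow does
# not get processed correctly. The address is still unvalidated here, so it
# goes into the body only, with control characters flattened.
my $reported_email = defined $email ? $email : '';
$reported_email =~ s/[\x00-\x1F\x7F]/ /g;

my $to      = 'xxxxxxxxxxxxxxxxxxxxxxx';
my $from    = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
my $subject = 'A customer has placed an order';
my $message = 'Email of user= ' . $reported_email;

if (my $mail = open_sendmail()) {
    # Email Header
    print {$mail} "To: $to\n";
    print {$mail} "From: $from\n";
    print {$mail} "Subject: $subject\n\n";
    # Email Body
    print {$mail} $message;
    close $mail or warn "order notification mail failed (status $?)\n";
}
else {
    warn "cannot start sendmail for order notification: $!\n";
}

# Send to error page if no order text was submitted.
if (!$text) {
    print redirect($ERROR_PAGE);
    exit;
}

# The address is interpolated into To:/From: headers below. Accept only a
# conservative single-address form, anchored with \A/\z so a trailing newline
# cannot slip through; the captured copy is also untainted.
my ($safe_email) = defined $email
    ? $email =~ m{\A ( [A-Za-z0-9._%+-]{1,64} \@ [A-Za-z0-9.-]{1,190} \. [A-Za-z]{2,24} ) \z}x
    : ();
fail_to_error_page('rejected customer email address') unless defined $safe_email;

$text .= "\n\n---------------------------------------\n\n"
    . "Server : $serv\n"
    . "Browser : $brow\n"
    . "IP : $ip\n"
    . "Ref : $ref\n\n";

# gpg settings: encrypt to the shop key, non-interactive, ASCII-armored.
# NOTE(review): --always-trust skips the trust check on the recipient key, so
# the integrity of the keyring under --homedir is what protects the orders.
my $gpg_path    = "/usr/bin/gpg";
my @gpg_options = (
    '--homedir', '/home/xxxxxxxxxxx/.gnupg',
    '--no-permission-warning', '--no-use-agent', '--batch', '--no-version',
    '--no-tty', '--always-trust', '--encrypt', '--textmode', '--armor',
    '--default-recipient', 'xxxxxxxxxxxxxxxxxxxxxxxx',
);
my $gpg_public_key_user_id = "xxxxxxxxxxxxxxxxx";

# Pick the first unused "<date>_<n>" name. O_EXCL makes the claim atomic; the
# original "-e" test followed by a shell redirect let two simultaneous orders
# choose the same name and overwrite each other.
# NOTE(review): this directory sits under public_html; confirm the web server
# does not serve its contents.
my $out_base = "/home/xxxxxxxxxxxxxx/public_html/cgi-bin/encPGP/" . get_date();
my $rnum     = 1;
my $out_file;
while (!defined $out_file) {
    my $candidate = "$out_base$rnum";
    if (sysopen(my $claim, $candidate, O_WRONLY | O_CREAT | O_EXCL)) {
        close $claim;
        $out_file = $candidate;
    }
    elsif ($!{EEXIST}) {
        $rnum++;
    }
    else {
        fail_to_error_page("cannot create order file: $!");
    }
}

# List-form pipe open: no shell is involved, so nothing in the argument list
# is ever re-parsed. --yes lets gpg write over the empty file claimed above.
my $gpg_ok = 0;
if (open(my $gpg, '|-', $gpg_path, '--yes', '--output', $out_file,
        @gpg_options, '-r', $gpg_public_key_user_id))
{
    print {$gpg} $text;
    $gpg_ok = close $gpg;    # false when gpg exits non-zero
}
if (!$gpg_ok) {
    unlink $out_file;
    fail_to_error_page("gpg encryption failed (status $?)");
}

# (The original also tried to read and unlink an unset $output_file here; that
# leftover did nothing and has been dropped.)

# Read the ciphertext back so it can be mailed.
my $gpg_out = '';
if (open(my $enc, '<', $out_file)) {
    local $/;
    $gpg_out = <$enc>;
    close $enc;
}
if (!defined $gpg_out or $gpg_out eq '') {
    # Never mail an empty order and then tell the customer it succeeded.
    fail_to_error_page('encrypted order file is empty or unreadable');
}

my $date = get_date();

# Encrypted order to the shop.
my $sls = open_sendmail()
    or fail_to_error_page("cannot start sendmail for order mail: $!");
print {$sls} "To: xxxxxxxxxxxxxxxxxxxxxxxxx\n";
print {$sls} "From: " . $safe_email . "<" . $safe_email . ">\n";
print {$sls} "Subject: Online Order $date\n\n";
print {$sls} $gpg_out;
close $sls or fail_to_error_page("order mail failed (status $?)");

# Receipt to the customer. The order has already been delivered at this
# point, so a failure here is logged rather than turned into an error page.
if (my $usr = open_sendmail()) {
    print {$usr} "To: " . $safe_email . "\n";
    print {$usr} 'From: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' . "\n";
    print {$usr} "Subject: Online Order : $date\n\n";
    print {$usr} "Thank you for shopping at xxxxxxxxxxxxxxxxxxxxxxxx\n";
    print {$usr} "Your order has been received and is being processed.\n\n";
    print {$usr} "You will receive a confirmation email containing your order details within\n";
    print {$usr} "24 hours, weekends and holidays excepted.\n\n";
    print {$usr} "Order Dept.\n";
    print {$usr} "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n";
    print {$usr} "Toll Free xxxxxxxxxxxxxxxxxxx\n";
    print {$usr} 'Email: xxxxxxxxxxxxxxxxxxxxxxxx.com';
    print {$usr} "\n\n";
    close $usr or warn "customer receipt mail failed (status $?)\n";
}
else {
    warn "cannot start sendmail for customer receipt: $!\n";
}

# "totals" is untrusted too: percent-encode it before it becomes part of a URL.
my $totals_enc = defined $totals ? $totals : '';
$totals_enc =~ s/([^A-Za-z0-9_.~-])/sprintf('%%%02X', ord($1))/ge;

my $url = "/Order_Successful.php?v=" . $totals_enc;
my $t   = 1;    # time until redirect activates

# NOTE(review): the page markup appears to have been stripped from this copy
# of the script (only "\n" is printed). $url and $t are presumably consumed by
# that markup; whatever embeds $url in HTML should pass it through
# escapeHTML().
print "Content-type: text/html\n\n";
print "\n";

# Returns the value of environment variable $name, or '' when it is unset.
sub env_or_empty {
    my ($name) = @_;
    return defined $ENV{$name} ? $ENV{$name} : '';
}

# Starts "sendmail -t -i" without a shell and returns a write handle to it,
# or undef when the process cannot be started. -t takes the recipients from
# the headers; -i keeps a lone "." line in the body from ending the message.
sub open_sendmail {
    my $pid = open(my $mail, '|-', $SENDMAIL, '-t', '-i');
    return $pid ? $mail : undef;
}

# Records $reason in the server error log, sends the visitor to the generic
# error page and ends the request. The reason is never shown to the visitor.
sub fail_to_error_page {
    my ($reason) = @_;
    warn "order.cgi: $reason\n";
    print redirect($ERROR_PAGE);
    exit;
}

# Returns today's local date as "<day>_<Mon>_<year>_" (trailing underscore
# included), used as the file-name prefix and in the mail subjects.
sub get_date {
    my ($sec, $min, $hour, $mDay, $mon, $year, $wday, $yday, $isdst) = localtime(time);
    $year = $year + 1900;
    my @month = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
                 "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
    my $date1 = "$mDay" . "_$month[$mon]_$year" . "_";
    return $date1;
}

# Reads the order counter from its file under an exclusive lock, writes back
# the value plus one, and returns the value that was read (0 for a new or
# empty file). Returns -1 on any I/O failure. Not called by the code above.
sub get_order_num {
    my $counter_file = "/home/xxxxxxxxxxxxxxxxx/cgi-bin/encPGP/order_cnt.txt";
    sysopen(my $fh, $counter_file, O_RDWR | O_CREAT) or return(-1);
    flock($fh, LOCK_EX) or return(-1);
    my $line = <$fh>;
    # Accept digits only, so a damaged counter file restarts at 0 instead of
    # feeding garbage into the arithmetic below.
    my $num = (defined $line and $line =~ /\A(\d+)/) ? $1 : 0;
    seek($fh, 0, 0) or return(-1);
    truncate($fh, 0) or return(-1);
    (print {$fh} $num + 1, "\n") or return(-1);
    close $fh or return(-1);
    return($num);
}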