#include <infocon.style>
#include <shop.inc>
-<define-tag la><p><table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" summary=\"\"><tr><td width=\"2\" bgcolor=\"#000000\"></td><td bgcolor=\"#000000\"><table cellpadding=\"0\" cellspacing=\"1\" width=\"100%\" border=\"0\" summary=\"\"><tr><td bgcolor=\"#ffffff\"><table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" summary=\"\"></define-tag>
-<define-tag le></table></td></tr></table></td></tr></table></define-tag>
-
<page title="InfoCon - Online-Shop">
<h1 align=center>Bestellung aufgeben</h1>
<form method=post action=orderit.php3>
<?
- # So werden 1 Pixel dicke Rahmen erzeugt
- $la = "<la>";
- $le = "<le>";
+ # Porto erst einmal auf 20,-- festgesetzt
+ $porto = 20.00;
+
+ # Colors
# $ch = "#5dbbf9";
# $cd = "#9bd4fa";
# $ch = "#85c5f0";
# $cd = "#abdcfc";
- $ch = "#abdcfc";
- $cd = "#eff0f1";
+ $ch = "<colh>";
+ $cd = "<cold>";
+ $cn = "<coln>";
$tind = "<tr bgcolor=\"$ch\"><th><font face=\"Helvetica,Arial\">Anzahl</font></th>"
."<th align=\"left\"><font face=\"Helvetica,Arial\">Artikel</font></th>"
$dbh = dbconnect();
- // WHERE spool > 0
- $sth = dbquery ($dbh, "SELECT article.name,article.article,offer.subname,offer.price,offer.articleid "
- ."FROM article,offer WHERE article.article = offer.article ORDER BY offer.articleid");
+ # WHERE spool > 0
+ $sth = dbquery ($dbh, "SELECT article.name,article.article,offer.subname,offer.price,offer.articleid,spool.count_spare "
+ ."FROM article,offer,spool WHERE article.article = offer.article AND offer.articleid = spool.articleid "
+ ."ORDER BY offer.articleid");
$sum = 0.0;
- echo ($la);
+ <btable_begin>
$color = $cd;
+ $maybe_split = 0;
for ($i=0; $i < pg_NumRows ($sth); $i++) {
$row = pg_fetch_array ($sth, $i);
if (${$row['articleid']} > 0) {
+ if (${$row['articleid']} > $row['count_spare']) {
+ $maybe_split = 1;
+ }
if ($sum == 0.0) {
echo ($tind);
}
- $color = $color == $cd?"#ffffff":$cd;
+ $color = $color == $cd?$cn:$cd;
printf ("<tr bgcolor=\"%s\">", $color);
- printf ("<td width=\"10%%\" align=\"center\"><font face=\"Helvetica,Arial\">"
- ."<input type=\"hidden\" name=\"%s\" value=\"%d\">%d</font></td>",
+ printf ("<td width=\"10%%\" align=\"right\"><font face=\"Helvetica,Arial\">"
+ ."<input type=\"hidden\" name=\"%s\" value=\"%d\">%d </font></td>",
$row['articleid'], ${$row['articleid']}, ${$row['articleid']});
printf ("<td width=\"70%%\" align=\"left\"><font face=\"Helvetica,Arial\">"
printf ("<tr bgcolor=\"%s\"><th colspan=\"4\" align=\"left\"><font face=\"Helvetica,Arial\">%s</font></th>",
$ch, "Sie haben vergessen, Waren auszuwählen");
} else {
+
+ $color = $color == $cd?$cn:$cd;
+ printf ("<tr bgcolor=\"%s\">", $color);
+ printf ("<td width=\"10%%\" align=\"right\"><font face=\"Helvetica,Arial\">1 </font></td>");
+ printf ("<td width=\"70%%\" align=\"left\"><font face=\"Helvetica,Arial\">"
+ ."<a href=\"porto.html\">Porto und Verpackung</a></font></td>");
+ printf ("<td width=\"10%%\" align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td>",
+ $porto);
+ printf ("<td width=\"10%%\" align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td></tr>",
+ $porto);
+ $sum += $porto;
+
printf ("<tr bgcolor=\"%s\"><th colspan=\"3\" align=\"left\"><font face=\"Helvetica,Arial\">Summe</font></th>", $ch);
printf ("<th align=\"right\"><font face=\"Helvetica,Arial\">%7.2f</font></th></tr>", $sum);
}
- echo ($le);
+ <btable_end>
?>
-<? if ($sum > 0.0) { ?>
-<p><b>Bitte geben Sie Ihre Kundennummer oder Ihre Anschrift ein.</b>
+<?
+ if ($sum > 0.0) {
+
+ if ($maybe_split) {
+ echo ("<p><b>Nicht alle Artikel sind im Moment vorrrätig.</b><br>");
+ echo ("Sie haben die Möglichkeit, die Bestellung komplett zu erhalten, wenn die Ware vollständig ist oder "
+ ."sie aufzuteilen. Dann erhalten Sie den ersten Teil sofort und den zweiten sobald die Ware da "
+ ."ist. Achtung, bei zwei Bestellungen fällt auch zweimal Porto an.<p>");
+
+ echo ("<input name=\"split\" type=\"checkbox\" value=\"1\"> Bestellung aufteilen");
+ }
+?>
+<p><b>Bitte geben Sie Ihre Kundennummer oder Ihre Anschrift an.</b>
-<: print "<la>"; :>
+<? <btable_begin> ?>
<tr>
<td align=right><font face="Helvetica,Arial"><b>Kundennr.</b></font></td>
<td width=5></td>
-<td align=left><font face="Helvetica,Arial"><input name=customer size=30 maxlength=10></font></td>
-<td align=right><font face="Helvetica,Arial"><b>Paßwort</b></font></td>
+<td align=left><font face="Helvetica,Arial"><input name=customer size=20 maxlength=10></font></td>
+<td align=right><font face="Helvetica,Arial"><b>Kennwort</b></font></td>
<td width=5></td>
-<td align=left><font face="Helvetica,Arial"><input name=passwd type=password size=30 maxlength=10></font></td>
+<td align=left><font face="Helvetica,Arial"><input name=passwd type=password size=20 maxlength=10></font></td>
</tr>
-<: print "<le>"; :>
+<? <btable_end> ?>
<define-tag field>
<set-var %attributes>
<tr>
<td align=right width=15%><font face="Helvetica,Arial"><b><get-var n></b></font></td>
<td width=5></td>
-<td align=left><font face="Helvetica,Arial"><input name=<get-var f> size=50 maxlength=<get-var s>></font></td>
+<td align=left><font face="Helvetica,Arial"><input name=<get-var f> size=50 maxlength=<get-var s>> <get-var r></font></td>
</tr>
</define-tag>
-<: print "<la>"; :>
-<field n=Firma f=company s=60>
-<field n=Name f=lastname s=60>
-<field n=Vorname f=firstname s=60>
-<field n=Zusatz f=appendix s=60>
-<field n=Straße f=street s=60>
+<? <btable_begin> ?>
+<field n=Firma f=company s=60 r=>
+<field n=Name f=lastname s=60 r=*>
+<field n=Vorname f=firstname s=60 r=*>
+<field n=Zusatz f=appendix s=60 r=>
+<field n=Straße f=street s=60 r=*>
<tr>
<td align=right width=15%><font face="Helvetica,Arial"><b>PLZ</b></font></td>
<td width=5></td>
-<td align=left><font face="Helvetica,Arial"><input name=plz size=5 maxlength=5></font>
+<td align=left><font face="Helvetica,Arial"><input name=plz size=5 maxlength=5> *</font>
<font face="Helvetica,Arial"><b>Stadt</b></font>
- <font face="Helvetica,Arial"><input name=city size=37 maxlength=60></font></td>
+ <font face="Helvetica,Arial"><input name=city size=35 maxlength=60> *</font></td>
</tr>
<tr>
<td align=left><font face="Helvetica,Arial">Deutschland<input type=hidden name=country value=Germany size=50 maxlength=60></font></td>
</tr>
-<: print "<le>"; :>
+<tr>
+<td colspan=3 align=left width=100%><font face="Helvetica,Arial">
+<p>Die mit einem Stern (*) markierten Eingabefelder sind erforderlich.</font></td>
+</tr>
+<? <btable_end> ?>
<p><center><input type=submit value="Bestellen"> . <input type=reset value="Reset"></center>
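Review bot: The new stock check `if (${$row['articleid']} > $row['count_spare'])` compares the raw request value, while the hidden field a few lines below prints it with `%d`, so a non-integer quantity can pass `> 0`, be rendered as a different number, and still set `$maybe_split`. Normalising once at the top of the loop body, `$qty = intval (${$row['articleid']});`, and using `$qty` in both comparisons and in the `printf` keeps the tested value and the submitted value identical. The `split` checkbox is rendered only when `$maybe_split` is set, so the handler should not assume that a posted `split=1` implies a stock shortfall. The new message string also has a typo, `vorrrätig` for `vorrätig`. The loop body continues beyond the lines visible here.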
--- /dev/null
+#include <infocon.style>
+#include <shop.inc>
+
+<page title="InfoCon - Online-Shop">
+
+<h1 align=center>Bestellung</h1>
+
+<sql_prepare>
+# BEGIN ... COMMIT oder BEGIN ... ROLLBACK
+<?
+ # Porto erst einmal auf 20,-- festgesetzt
+ $porto = 20.00;
+
+ # Colors
+ $ch = "<colh>";
+ $cd = "<cold>";
+ $cn = "<coln>";
+
+ $tbest = "<tr bgcolor=\"%s\"><td colspan=\"4\" align=\"left\"><font face=\"Helvetica,Arial\">"
+ ."<b>Bestellung Nr. %d</b><p></font></td></tr>";
+
+ $tind = "<tr bgcolor=\"$ch\"><th width=\"10%\"><font face=\"Helvetica,Arial\">Anzahl</font></th>"
+ ."<th width=\"70%\" align=\"left\"><font face=\"Helvetica,Arial\">Artikel</font></th>"
+ ."<th width=\"10%\" align=\"right\"><font face=\"Helvetica,Arial\">Einzel</font></th>"
+ ."<th width=\"10%\" align=\"right\"><font face=\"Helvetica,Arial\">Gesamt</font></th></tr>";
+
+ $trow = "<tr bgcolor=\"%s\"><td align=\"right\"><font face=\"Helvetica,Arial\">%d </font></td>"
+ ."<td align=\"left\"><font face=\"Helvetica,Arial\">"
+ ."<a href=\"show.php3?article=%s\">%s, %s</a></font></td>"
+ ."<td align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td>"
+ ."<td align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td></tr>";
+
+ $tporto = "<tr bgcolor=\"%s\"><td align=\"right\"><font face=\"Helvetica,Arial\">1 </font></td>"
+ ."<td align=\"left\"><font face=\"Helvetica,Arial\"><a href=\"porto.html\">Porto und Verpackung</a></font></td>"
+ ."<td align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td>"
+ ."<td align=\"right\"><font face=\"Helvetica,Arial\">%6.2f</font></td></tr>";
+
+ $tsum = "<tr bgcolor=\"%s\"><th colspan=\"3\" align=\"left\"><font face=\"Helvetica,Arial\">Summe</font></th>"
+ ."<th align=\"right\"><font face=\"Helvetica,Arial\">%7.2f</font></th></tr>";
+
+
+# Kundennr. !Kundennr.
+# / \ Kundendaten vollständig
+# / \ / \
+# korrekt inkorrekt / \
+# \ \ / Kunden aufnehmen
+# \ \ / /
+# \ Hinweis /
+# \ ->Back /
+# \ /
+# \ /
+# Bestellung aufnehmen
+# -> Lagerbestand ändern
+# -> Bestelliste
+# Bestätigung per Mail
+# Danke im Web
+#
+#
+
+ # Infobox für die Kundennummer und das Kennwort
+ # 0="Firma"/"Name"; 1=Name; 2=Kundennr.; 3=Kennwort
+ $pwinfo = "<div align=\"center\"><table border=\"0\" cellpadding=\"2\" cellspacing=\"0\" summary=\"\">"
+ ."<tr><td colspan=\"3\"bgcolor=\"<colh>\" align=\"center\"><font face=\"Helvetica,Arial\">"
+ ."<b>Ihre Kundendaten</b></font></td></tr>"
+ ."<tr><td bgcolor=\"<cold>\"><font face=\"Helvetica,Arial\"><b>%s</b></font></td>"
+ ."<td bgcolor=\"<coln>\"> </td>"
+ ."<td bgcolor=\"<coln>\"><font face=\"Helvetica,Arial\">%s</font></td></tr>"
+ ."<tr><td bgcolor=\"<cold>\"><font face=\"Helvetica,Arial\"><b>Kundennr.</b></font></td>"
+ ."<td bgcolor=\"<coln>\"> </td>"
+ ."<td bgcolor=\"<coln>\"><font face=\"Helvetica,Arial\">%s</font></td></tr>"
+ ."<tr><td bgcolor=\"<cold>\"><font face=\"Helvetica,Arial\"><b>Kennwort</b></font></td>"
+ ."<td bgcolor=\"<coln>\"> </td>"
+ ."<td bgcolor=\"<coln>\"><font face=\"Helvetica,Arial\">%s</font></td></tr></table></div><p>";
+
+
+ $ok = 0;
+
+ #if ($HTTP_REFERER != "http://infocon.infodrom.org/shop/order.php3") {
+ if (strcasecmp ($HTTP_REFERER, "http://wwww.infodrom.ffis.de/infocon.infodrom.org/shop/order.php3") != 0) {
+ echo ("<p>Hier stimmt etwas nicht."); // nämlich fehlt der richtige Referer-Wert...
+ } else /* Referer */ {
+
+ if ((strlen ($customer) > 0) && (strlen ($passwd) > 0)) {
+ $dbh = dbconnect();
+ $sth = dbquery ($dbh, sprintf ("SELECT passwd FROM customer WHERE customer = %d", $customer));
+ if (pg_NumRows ($sth) > 0) {
+ $row = pg_fetch_array ($sth, 0);
+ if ( (strlen ($row['passwd']) > 0) && ($passwd == $row['passwd'])) {
+ $ok = 1;
+ } else {
+ echo ("<p>Das angegebene Kennwort stimmt nicht mit dem gespeicherten überein.");
+ }
+ } else {
+ echo ("<p>Die angegebene Kundennummer ist falsch.");
+ }
+ } else /* customer && passwd */ {
+ if ( (strlen ($lastname) > 0)
+ && (strlen ($firstname) > 0)
+ && (strlen ($street) > 0)
+ && (strlen ($plz) > 0)
+ && (strlen ($city) > 0)
+ && (strlen ($country) > 0) ) {
+
+ <:
+ for $i (('company','firstname','lastname','appendix','street','city','country')) {
+ printf " \$%s=sql_prepare (\$%s);\n", $i, $i;
+ }
+ :>
+
+ $dbh = dbconnect();
+ $sth = dbquery ($dbh, "SELECT max(customer) FROM customer");
+ if (pg_NumRows ($sth) > 0) {
+ $row = pg_fetch_array ($sth, 0);
+ $customer = $row[0] > <kdnrmin>?$row[0]:<kdnrmin>;
+ $customer++;
+
+ # Now try to get a password
+ #
+ $pwgen = popen ("pwgen 10", "r");
+ if (!feof ($pwgen)) {
+ $newpasswd = fgets ($pwgen, 255);
+ pclose ($pwgen);
+ }
+
+ # ACHTUNG: Hier fehlt jeglicher Sicherheitsmechanismus, der verhindern könnte, daß
+ # eine Firma zig-mal direkt hintereinander mit Bestellungen ... (fixme)
+ $query = sprintf ("INSERT INTO customer (customer,company,firstname,lastname,appendix,street,plz,city,country,passwd) "
+ ."VALUES (%d,'%s','%s','%s','%s','%s',%d,'%s','%s','%s')",
+ $customer,$company,$firstname,$lastname,$appendix,$street,$plz,$city,$country,$newpasswd);
+ $sth = dbquery ($dbh, $query);
+
+ printf ($pwinfo, strlen ($company)?"Firma":"Name",
+ strlen ($company)?$company:$firstname . " " . $lastname, $customer, $newpasswd);
+ $ok = 1;
+ } else {
+ echo ("<p>Es ist ein Datenbankfehler aufgetreten.");
+ }
+
+ } else {
+ echo ("<p>Nicht alle erforderlichen Felder sind ausgefüllt.");
+ }
+ }
+ }
+
+ if ($ok) {
+ <btable_begin>
+
+ # Queries to insert Bestellung...
+
+ $sth = dbquery ($dbh, "SELECT max(dispatch) FROM dispatch");
+ if (pg_NumRows ($sth) > 0) {
+ $dmin = date("Y") . sprintf ("%05d", <dispatchmin>);
+ $row = pg_fetch_array ($sth, 0);
+ $dispatch = $row[0] > $dmin?$row[0]:$dmin;
+ $dispatch++;
+
+ # fixme: Find out if 1st dispatch will be empty first...
+ # Warning: If another user try to add dispatches, this will fail
+ $sth = dbquery ($dbh, sprintf ("INSERT INTO dispatch (dispatch,customer,date) VALUES (%d,%d,now())",
+ $dispatch, $customer));
+ $sth = dbquery ($dbh, sprintf ("INSERT INTO status (dispatch,status,staff,date) VALUES (%d,<st_order>,'web',now())",
+ $dispatch));
+
+ if ($split == 1) {
+ $sth = dbquery ($dbh, sprintf ("INSERT INTO dispatch (dispatch,customer,date) VALUES (%d,%d,now())",
+ $dispatch+1, $customer));
+ $sth = dbquery ($dbh, sprintf ("INSERT INTO status (dispatch,status,staff,date) VALUES (%d,<st_order>,'web',now())",
+ $dispatch+1));
+ }
+
+ printf ($tbest, $ch, $dispatch);
+ echo ($tind);
+
+ # Status: customer verified || created; 1 or 2 dispatches reserved
+ # WHERE spool > 0
+ $sth = dbquery ($dbh, "SELECT article.name,article.article,offer.subname,offer.price,offer.articleid,spool.count_spare,"
+ ."count_sold "
+ ."FROM article,offer,spool WHERE article.article = offer.article AND offer.articleid = spool.articleid "
+ ."ORDER BY offer.articleid");
+
+ $color = $cd;
+ $color2 = $cd;
+ $sum = 0.0;
+ $table = "";
+ for ($i=0; $i < pg_NumRows ($sth); $i++) {
+ $row = pg_fetch_array ($sth, $i);
+
+ if (${$row['articleid']} > 0) {
+ $sthi = dbquery ($dbh, sprintf ("UPDATE spool SET count_spare = %d, count_sold = %d WHERE articleid = '%s'",
+ $row['count_spare'] - ${$row['articleid']},
+ $row['count_sold'] + ${$row['articleid']},
+ $row['articleid']));
+
+ if ($split && (${$row['articleid']} > $row['count_spare'])) {
+
+ if ($row['count_spare'] > 0) {
+ $color = $color == $cd?$cn:$cd;
+ printf ($trow, $color, $row['count_spare'], $row['article'], $row['name'], $row['subname'], $row['price'],
+ $row['price'] * $row['count_spare']);
+
+ $sthi = dbquery ($dbh, sprintf ("INSERT INTO dispatchlist (dispatch,articleid,quantity,unitprice) "
+ ."VALUES (%d,'%s',%d,%5.2f)",
+ $dispatch,$row['articleid'],$row['count_spare'],$row['price']));
+ $sum += $row['price'] * $row['count_spare'];
+
+ ${$row['articleid']} -= $row['count_spare'];
+ }
+
+ $sthi = dbquery ($dbh, sprintf ("INSERT INTO dispatchlist (dispatch,articleid,quantity,unitprice) "
+ ."VALUES (%d,'%s',%d,%5.2f)",
+ $dispatch+1,$row['articleid'],${$row['articleid']},$row['price']));
+ $sum2 += $row['price'] * ${$row['articleid']};
+ $color2 = $color2 == $cd?$cn:$cd;
+ $table .= sprintf ($trow, $color2, ${$row['articleid']}, $row['article'], $row['name'], $row['subname'], $row['price'],
+ $row['price'] * ${$row['articleid']});
+ } else {
+ $color = $color == $cd?$cn:$cd;
+ printf ($trow, $color, ${$row['articleid']}, $row['article'], $row['name'], $row['subname'], $row['price'],
+ $row['price'] * ${$row['articleid']});
+ $sthi = dbquery ($dbh, sprintf ("INSERT INTO dispatchlist (dispatch,articleid,quantity,unitprice) "
+ ."VALUES (%d,'%s',%d,%5.2f)",
+ $dispatch,$row['articleid'],${$row['articleid']},$row['price']));
+ $sum += $row['price'] * ${$row['articleid']};
+ ${$row['articleid']} = 0;
+ }
+ } /* ${$row['articleid']} > 0 */
+ } /* for */
+ $color = $color == $cd?$cn:$cd;
+ printf ($tporto, $color, $porto, $porto);
+ $sum2 += $porto;
+ printf ($tsum, $ch, $sum);
+ } else {
+ echo ("<tr><td><font face=\"Helvetica,Arial\"><b>Interner Fehler.</b></font></td></tr>");
+ }
+ <btable_end>
+
+ if ($split) {
+ echo ("<p>");
+
+ <btable_begin>
+
+ printf ($tbest, $ch, $dispatch+1);
+ echo ($tind);
+ echo ($table);
+ $color2 = $color2 == $cd?$cn:$cd;
+ printf ($tporto, $color2, $porto, $porto);
+ $sum2 += $porto;
+ printf ($tsum, $ch, $sum2);
+
+ <btable_end>
+ }
+ } else {
+ echo ("<p><b>Bitte benutzen Sie den Back-Button ihres Browsers und korrigieren Sie Ihre Eingaben.</b>");
+ }
+
+?><p>
+
+</page>
+# Local variables:
+# mode: indented-text
+# mode: auto-fill
+# mode-: iso-accents
+# end:
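Review bot: `$newpasswd` is assigned only inside `if (!feof ($pwgen))`, so when `popen` fails or pwgen prints nothing the `INSERT INTO customer` still runs with whatever `$newpasswd` holds, and unlike the other string columns it is never passed through `sql_prepare`. The script reads `$customer`, `$passwd` and `$HTTP_REFERER` as plain globals, so request variables appear to be registered as globals and an unset `$newpasswd` or the never-initialised `$sum2` could then be seeded by the request; set `$sum2 = 0.0;` next to `$sum = 0.0;`, and initialise and `chop()` the pwgen line (`fgets` keeps the newline, which likely breaks the later `$passwd == $row['passwd']` comparison) as sketched below. The Referer comparison guarding the whole branch relies on a header the client supplies, so it should not be counted as an access control, and the `wwww.` host in it looks like a typo worth confirming. `$company`, `$firstname` and `$lastname` reach `printf ($pwinfo, …)` after `sql_prepare` but without `htmlspecialchars()`, so the confirmation box would show the prepared form of the text and pass markup through. The `$sum2 += $porto;` just before `printf ($tsum, $ch, $sum);` looks like it should be `$sum += $porto;`, since the first order's total is printed without postage while the second gets it twice.

```php
    # Now try to get a password
    $newpasswd = "";
    $pwgen = popen ("pwgen 10", "r");
    if ($pwgen) {
        $newpasswd = chop (fgets ($pwgen, 255));
        pclose ($pwgen);
    }

    if (strlen ($newpasswd) > 0) {
        # … unchanged: INSERT INTO customer, printf ($pwinfo, …), $ok = 1 …
    } else {
        echo ("<p>Es ist ein Datenbankfehler aufgetreten.");
    }
```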