What is wrong with this?

[quebasic2]

Here is my form processor. It doesn't work and I cannot find the problem. My server does not tell which line the problem is on. I have tried: CGI::Carp qw(fatalsToBrowser); but it does not make a difference.

#!/usr/bin/perl
&CheckReferingURL;
&ParseForm;
&GetDate;
&SendSubmission;
&SendAutoReply;
if ($Country == "United States of America&quot{
$Kissingball_Shipping="2.00";
$Wreath_Shipping="8.50";
}else{
$Kissingball_Shipping="3.50";
$Wreath_Shipping="11.00";
}
$First_Name = param('First_Name');
$Middle_Initial = param('Middle_Initial');
$Last_Name = param('Last_Name');
$Country = param('Country');
$Address = param('Address');
$City = $Config{'City');
$State_or_Province = param('State_or_Province');
$Zip_or_Postal = param('Zip_or_Postal');
$Phone_Number = param('$Phone_Number');
$Email = param('Email');
$Pay_Option = param('Pay_Option');
$Red = param('Red');
$Red_Traditional = param('Red_Traditional');
$Red_Non_Traditional= param('Red_Non_Traditional');
$Blue = param('Blue');
$Blue_Traditional = param('Blue_Traditional');
$Blue_Non_Traditional = param('Blue_Non_Traditional');
$Mauve = param('Mauve');
$Mauve_Traditional = param('Mauve_Traditional');
$Mauve_Non_Traditional = param('Mauve_Non_Traditional');
$Teasel_Teasers = param('Teasel_Teasers');
$Amount_of_Teasel_Teasers = param('Amount_of_Teasel_Teasers');
$Comments = param('Comments');
$Name = "$First_Name $Middle_Initial $Last_Name";
$Wreath_Price="25.00";
$Kissingball_Price="3.00";
$Computer_Name=$ENV{REMOTE_ADDR};
$Browser=$ENV{HTTP_USER_AGENT};
$Referrer=$ENV{HTTP_REFERER};
$email_address="wreath2you\@yahoo.com";
$subject="!!FORM FILLOUT!!";
$autoresponse="yes";
$company_name="Wreath2you";
if ($Red_Traditional == "&quot{$Red_Traditional = "0";}
if ($Red_Non_Traditional == "&quot{$Red_Non_Traditional = "0";}
if ($Blue_Traditional == "&quot{$Blue_Traditional = "0";}
if ($Blue_Non_Traditional == "&quot{$Blue_Non_Traditional = "0";}
if ($Mauve_Traditional == "&quot{$Mauve_Traditional = "0";}
if ($Mauve_Non_Traditional == "&quot{$Mauve_Non_Traditional = "0";}
if ($Amount_of_Teasel_Teasers == "&quot{$Amount_of_Teasel_Teasers = "0";}
$Red_Shipping = ($Red_Traditional+$Red_Non_Traditional)*$Wreath_Shipping;
$Red_Price = ($Red_Traditional+$Red_Non_Traditional)*$Wreath_Price;
$Red_Subtotal_Raw_Data = $Red_Price + $Red_Shipping;
$Red_Subtotal = sprintf("%.2f",$Red_Subtotal_Raw_Data);
1 while $Red_Subtotal =~ s/^(\d+)(\d{3})/$1,$2/;
$Red_Subtotal = "\$" . $Red_Subtotal;
$Red_Subtotal = sprintf("%9s\n", $Red_Subtotal);
$Red_Shipping = sprintf("%.2f",$Red_Shipping);
1 while $Red_Shipping =~ s/^(\d+)(\d{3})/$1,$2/;
$Red_Shipping = "\$" . $Red_Shipping;
$Red_Shipping = sprintf("%9s\n", $Red_Shipping);
$Red_Price = sprintf("%.2f",$Red_Price);
1 while $Red_Price =~ s/^(\d+)(\d{3})/$1,$2/;
$Red_Price = "\$" . $Red_Price;
$Red_Price = sprintf("%9s\n", $Red_Price);
if ($Red == "Yes&quot{
$Order_Red="
Red:
Traditionals: $Red_Traditional
Non-Traditionals: $Red_Non_Traditional
--------------------
Price For Red Wreaths: $Red_Price
Shipping For Red Wreaths: $Red_Shipping
Subtotal: $Red_Subtotal
";
} else {$Order_Red="";}
$Blue_Shipping = ($Blue_Traditional+$Blue_Non_Traditional)*$Wreath_Shipping;
$Blue_Price = ($Blue_Traditional+$Blue_Non_Traditional)*$Wreath_Price;
$Blue_Subtotal_Raw_Data = $Blue_Price + $Blue_Shipping;
$Blue_Subtotal = sprintf("%.2f",$Blue_Subtotal_Raw_Data);
1 while $Blue_Subtotal =~ s/^(\d+)(\d{3})/$1,$2/;
$Blue_Subtotal = "\$" . $Blue_Subtotal;
$Blue_Subtotal = sprintf("%9s\n", $Blue_Subtotal);
$Blue_Shipping = sprintf("%.2f",$Blue_Shipping);
1 while $Blue_Shipping =~ s/^(\d+)(\d{3})/$1,$2/;
$Blue_Shipping = "\$" . $Blue_Shipping;
$Blue_Shipping = sprintf("%9s\n", $Blue_Shipping);
$Blue_Price = sprintf("%.2f",$Blue_Price);
1 while $Blue_Price =~ s/^(\d+)(\d{3})/$1,$2/;
$Blue_Price = "\$" . $Blue_Price;
$Blue_Price = sprintf("%9s\n", $Blue_Price);
if ($Blue == "Yes&quot{
$Order_Blue="
Blue:
Traditionals: $Blue_Traditional
Non-Traditionals: $Blue_Non_Traditional
--------------------
Price For Blue Wreaths: $Blue_Price
Shipping For Blue Wreaths: $Blue_Shipping
Subtotal: $Blue_Subtotal
";
} else {$Order_Blue="";}
$Mauve_Shipping = ($Mauve_Traditional+$Mauve_Non_Traditional)*$Wreath_Shipping;
$Mauve_Price = ($Mauve_Traditional+$Mauve_Non_Traditional)*$Wreath_Price;
$Mauve_Subtotal_Raw_Data = $Mauve_Price + $Mauve_Shipping;
$Mauve_Subtotal = sprintf("%.2f",$Mauve_Subtotal_Raw_Data);
1 while $Mauve_Subtotal =~ s/^(\d+)(\d{3})/$1,$2/;
$Mauve_Subtotal = "\$" . $Mauve_Subtotal;
$Mauve_Subtotal = sprintf("%9s\n", $Mauve_Subtotal);
$Mauve_Shipping = sprintf("%.2f",$Mauve_Shipping);
1 while $Mauve_Shipping =~ s/^(\d+)(\d{3})/$1,$2/;
$Mauve_Shipping = "\$" . $Mauve_Shipping;
$Mauve_Shipping = sprintf("%9s\n", $Mauve_Shipping);
$Mauve_Price = sprintf("%.2f",$Mauve_Price);
1 while $Mauve_Price =~ s/^(\d+)(\d{3})/$1,$2/;
$Mauve_Price = "\$" . $Mauve_Price;
$Mauve_Price = sprintf("%9s\n", $Mauve_Price);
if ($Mauve == "Yes&quot{
$Order_Mauve="
Mauve:
Traditionals: $Mauve_Traditional
Non-Traditionals: $Mauve_Non_Traditional
--------------------
Price For Mauve Wreaths: $Mauve_Price
Shipping For Mauve Wreaths: $Mauve_Shipping
Subtotal: $Mauve_Subtotal
";
} else {$Order_Mauve="";}
$Teaser_Price = $Amount_of_Teasel_Teasers * $Kissingball_Price;
$Teaser_Shipping = $Amount_of_Teasel_Teasers * $Kissingball_Shipping;
$Teaser_Subtotal_Raw_Data = $Teaser_Price + $Teaser_Shipping;
$Teaser_Subtotal = sprintf("%.2f",$Teaser_Subtotal_Raw_Data);
1 while $Teaser_Subtotal =~ s/^(\d+)(\d{3})/$1,$2/;
$Teaser_Subtotal = "\$" . $Teaser_Subtotal;
$Teaser_Subtotal = sprintf("%9s\n", $Teaser_Subtotal);
$Teaser_Shipping = sprintf("%.2f",$Teaser_Shipping);
1 while $Teaser_Shipping =~ s/^(\d+)(\d{3})/$1,$2/;
$Teaser_Shipping = "\$" . $Teaser_Shipping;
$Teaser_Shipping = sprintf("%9s\n", $Teaser_Shipping);
$Teaser_Price = sprintf("%.2f",$Teaser_Price);
1 while $Teaser_Price =~ s/^(\d+)(\d{3})/$1,$2/;
$Teaser_Price = "\$" . $Teaser_Price;
$Teaser_Price = sprintf("%9s\n", $Teaser_Price);
if ($Teasel_Teasers == "Yes&quot{
$Order_Teaser="
Teasel Teasers:
Quantity: $Amount_of_Teasel_Teasers
--------------------
Price For Teasle Teaser: $Teaser_Price
Shipping For Teasle Teaser: $Teaser_Shipping
Subtotal: $Teaser_Subtotal
";
} else {$Order_Teaser="";}
$Cost = $Red_Subtotal_Raw_Data+$Blue_Subtotal_Raw_Data+$Mauve_Subtotal_Raw_Data+$Teaser_Subtotal_Raw_Data;
$Cost = sprintf("%.2f",$Cost);
1 while $Cost =~ s/^(\d+)(\d{3})/$1,$2/;
$Cost = "\$" . $Cost;
$Cost = sprintf("%9s\n", $Cost);
$response_subject="Thank You For Ordering!";
$response_mail="Thank you $First_Name $Middle_Initial, $Last_Name for your order of
$Order_Red $Order_Blue $Order_Mauve $Order_Teaser
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option

We will respond as quickly as we can. We hope that you will enjoy our product.

Wreath2you";
$thank_you_page="wreaths.port5.com/thankyou.html";
$error_page="wreaths.port5.com/index.html";
$custom_message="
Name: $First_Name $Middle_Initial, $Last_Name
Address:
$Address
$City, $State_or_Province $Zip_or_Postal
$Country

Phone Number: $Phone_Number
Email: $Email

--------------------------------------------------------------

Order:
$Order_Red $Order_Blue $Order_Mauve $Order_Teaser
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option
--------------------------------------------------------------

Comments:
$Comments

--------------------------------------------------------------

SENDER INFO:
IP: $REMOTE_ADDR
Computer Name: $Computer_Name
Browser Type: $Browser
Page Referer: $Referrer

--------------------------------------------------------------";
print "Location: wreaths.port5.com/thankyou.html\n\n";
exit;
sub SendSubmission {
open (MAIL,"|/usr/lib/sendmail -t"
print MAIL "To: wreath2you@yahoo.com\n";
print MAIL "From: $Email\n";
print MAIL "Subject: !!FORM FILLOUT!!\n";
print MAIL "$Date\n\n";
print MAIL "E-Mail Message\n\n";
print MAIL "From: $Name\n";
print MAIL "Email: $Email\n\n";
print MAIL "$custom_message";
close (MAIL);
}
sub SendAutoReply {
open (MAIL,"|$MailProgram -t"
print MAIL "To: $Email\n";
print MAIL "From: wreath2you@yahoo.com\n";
print MAIL "Subject: Thanks for ordering!\n";
print MAIL "$\n";
print MAIL "$Date\n\n";
print MAIL "Thanks for you message!\n\n";
print MAIL "$response_mail";
close (MAIL);
}
sub GetDate {
@days = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
@months = ('01','02','03','04','05','06','07','08','09','10','11','12');
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$year = $year+1900;
$Date = "$days[$wday] $months[$mon]/$mday/$year";
sub CheckReferingURL {
if ($ENV{'HTTP_REFERER'}) {
if ($ENV{'HTTP_REFERER'} =~ "

http://www.geocities.com/wreath2you/"

/i) {
$check_referer = '1';
}}
else {$check_referer = '1';}
if ($check_referer != 1) {
print "Location:

http://www.geocities.com/wreath2you/\n\n";

exit;
}}
exit;
}

 

[missbarbell]

Running on my machine I get:

---------- Perl ----------
Bareword found where operator expected at quebasic2.pl line 247, near "print "Location:

http://www.geocities.com/wreath2you"

(Might be a runaway multi-line // string starting on line 242)
(Do you need to predeclare print?)
Backslash found where operator expected at quebasic2.pl line 247, near "n\"
String found where operator expected at quebasic2.pl line 247, at end of line
(Missing semicolon on previous line?)
syntax error at quebasic2.pl line 19, near "'City')"
In string, @yahoo now must be written as \@yahoo at quebasic2.pl line 213, near "To: wreath2you@yahoo"
syntax error at quebasic2.pl line 242, near ""

http://www.geocities.com/wreath2you/";"

syntax error at quebasic2.pl line 247, near "print "Location:

http://www.geocities.com/wreath2you"

Can't find string terminator '"' anywhere before EOF at quebasic2.pl line 247.
Normal Termination
Output completed (1 sec consumed).


I have to comment on a few Pearls Of Wisdom though.

1) You don't have any taint checking whatsoever on your param() values. VERY, VERY dangerous. You could become a spammers dream, or worse open your system to being hacked.
2) The only exit you need is in the CheckReferingURL sub, if its correct.
3) From what I can see, Red, Blue and Mauve all follow the same pattern of code. As such you could easily simplify this to make it more readable
4) You do all the price processing, before you check whether that colour was ordered. Thus alot of wasted processing.
5) '==' for numerics, 'eq' for strings.
6) You haven't specified what the subroutine ParseForm is, although I suspect its the bulk of the code you've included.

Having had a play, with your code, managed to reduce and simplify to:

#!/usr/bin/perl

use CGI qwstandard);

&CheckReferingURL;
&ParseForm;
&GetDate;
&SendSubmission;
&SendAutoReply;

sub ParseForm {
if ($Country == "United States of America&quot{
$Kissingball_Shipping="2.00";
$Wreath_Shipping="8.50";
}else{
$Kissingball_Shipping="3.50";
$Wreath_Shipping="11.00";
}

# get user details
$First_Name = param('First_Name');
$Middle_Initial = param('Middle_Initial');
$Last_Name = param('Last_Name');
$Country = param('Country');
$Address = param('Address');
$City = $Config{'City'};
$State_or_Province = param('State_or_Province');
$Zip_or_Postal = param('Zip_or_Postal');
$Phone_Number = param('$Phone_Number');
$Email = param('Email');
$Pay_Option = param('Pay_Option');

# get colour order details
my @types = qw(Red Blue Mauve);
my @specifics = qw(Traditional Non_Traditional);
my %orders = ();

foreach my $colour (@types) {
$orders{$colour}->{ordered} = param("${colour}"
foreach my $specific (@specifics) {
$orders{$colour}->{$specific} = param("${colour}_${specific}&quot || 0;
}
}

# get teaser order details
$Teasel_Teasers = param('Teasel_Teasers');
$Amount_of_Teasel_Teasers = param('Amount_of_Teasel_Teasers') || 0;

# additional details
$Comments = param('Comments') ||"";
$Name = "$First_Name $Middle_Initial $Last_Name";
$Wreath_Price="25.00";
$Kissingball_Price="3.00";
$Computer_Name=$ENV{REMOTE_ADDR} ||"";
$Browser=$ENV{HTTP_USER_AGENT} ||"";
$Referrer=$ENV{HTTP_REFERER} ||"";
$email_address="wreath2you\@yahoo.com";
$subject="!!FORM FILLOUT!!";
$autoresponse="yes";
$company_name="Wreath2you";

# Calculate Order & Prepare Invoice
foreach my $colour (@types) {
next unless($orders{$colour}->{ordered} eq 'Yes');

# do calculations
$orders{$colour}->{Shipping} = ($orders{$colour}->{Traditional}+$orders{$colour}->{Non_Traditional})*$Wreath_Shipping;
$orders{$colour}->{Price} = ($orders{$colour}->{Traditional}+$orders{$colour}->{Non_Traditional})*$Wreath_Price;
$orders{$colour}->{Subtotal_Raw_Data} = $orders{$colour}->{Price}+$orders{$colour}->{Shipping};

# format prices for printing
$orders{$colour}->{Subtotal} = FormatPrice($orders{$colour}->{Subtotal_Raw_Data});
$orders{$colour}->{Shipping} = FormatPrice($orders{$colour}->{Shipping});
$orders{$colour}->{Price} = FormatPrice($orders{$colour}->{Price});

$offset = ' ' x (13 - length($colour)); # ensure the positioning of decimal point is correct
$orders{$colour}->{Order}="
$colour:
Traditionals: $orders{$colour}->{Traditional}
Non-Traditionals: $orders{$colour}->{Non_Traditional}
--------------------
Price For $colour Wreaths: $offset $orders{$colour}->{Price}
Shipping For $colour Wreaths: $offset $orders{$colour}->{Shipping}
Subtotal: $orders{$colour}->{Subtotal}
";
}

# calculate prices
$Teaser_Price = $Amount_of_Teasel_Teasers * $Kissingball_Price;
$Teaser_Shipping = $Amount_of_Teasel_Teasers * $Kissingball_Shipping;
$Teaser_Subtotal_Raw_Data = $Teaser_Price + $Teaser_Shipping;

# format prices for printing
$Teaser_Subtotal = FormatPrice($Teaser_Subtotal_Raw_Data);
$Teaser_Shipping = FormatPrice($Teaser_Shipping);
$Teaser_Price = FormatPrice($Teaser_Price);

# Prepare Teaser Invoice
push @types, 'Teaser';
if ($Teasel_Teasers eq "Yes&quot{
$orders{Teaser}->{Subtotal_Raw_Data}=$Teaser_Subtotal_Raw_Data;
$orders{Teaser}->{Order}="
Teasel Teasers:
Quantity: $Amount_of_Teasel_Teasers
--------------------
Price For Teasle Teaser: $Teaser_Price
Shipping For Teasle Teaser: $Teaser_Shipping
Subtotal: $Teaser_Subtotal
";
}

my ($Order,$Cost) = ('',0);
foreach my $type (@types) {
$Order .= $orders{$type}->{Order}.' ';
$Cost += $orders{$type}->{Subtotal_Raw_Data}
}
$Cost = FormatPrice($Cost);

$response_subject="Thank You For Ordering!";
$response_mail="Thank you $First_Name $Middle_Initial, $Last_Name for your order of
$Order
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option

We will respond as quickly as we can. We hope that you will enjoy our product.

Wreath2you";
$thank_you_page="wreaths.port5.com/thankyou.html";
$error_page="wreaths.port5.com/index.html";
$custom_message="
Name: $First_Name $Middle_Initial, $Last_Name
Address:
$Address
$City, $State_or_Province $Zip_or_Postal
$Country

Phone Number: $Phone_Number
Email: $Email

--------------------------------------------------------------

Order:
$Order
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option
--------------------------------------------------------------

Comments:
$Comments

--------------------------------------------------------------

SENDER INFO:
IP: $REMOTE_ADDR
Computer Name: $Computer_Name
Browser Type: $Browser
Page Referer: $Referrer

--------------------------------------------------------------";
print "Location: wreaths.port5.com/thankyou.html\n\n";
}

sub SendSubmission {
open (MAIL,"|/usr/lib/sendmail -t"
print MAIL "To: wreath2you\@yahoo.com\n";
print MAIL "From: $Email\n";
print MAIL "Subject: !!FORM FILLOUT!!\n";
print MAIL "$Date\n\n";
print MAIL "E-Mail Message\n\n";
print MAIL "From: $Name\n";
print MAIL "Email: $Email\n\n";
print MAIL "$custom_message";
close (MAIL);
}

sub SendAutoReply {
open (MAIL,"|$MailProgram -t"
print MAIL "To: $Email\n";
print MAIL "From: wreath2you\@yahoo.com\n";
print MAIL "Subject: Thanks for ordering!\n";
print MAIL "$Date\n\n";
print MAIL "Thanks for you message!\n\n";
print MAIL "$response_mail";
close (MAIL);
}

sub GetDate {
@days = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
@months = ('01','02','03','04','05','06','07','08','09','10','11','12');
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$year = $year+1900;
$Date = "$days[$wday] $months[$mon]/$mday/$year";
}

sub CheckReferingURL {
unless(!$ENV{'HTTP_REFERER'} ||
$ENV{'HTTP_REFERER'} =~ m|

http://www.geocities.com/wreath2you/|i)

{
print "Location:

http://www.geocities.com/wreath2you/\n\n";

exit;
}
}

sub FormatPrice {
my $price = sprintf("%.2f",$_[0]);
1 while $price =~ s/^(\d+)(\d{3})/$1,$2/;
$price = "\$" . $price;
return sprintf("%9s", $price);
}


The extra sub, FormatPrice, takes your repeated code and wraps it up into a little routine to make the code a little easier to follow.

HTH


Barbie
Leader of Birmingham Perl Mongers

http://birmingham.pm.org

 

[missbarbell]

BTW, I should mention that you can try running CGI scripts on the command line first (perl myscript.pl) to see what errors are being thrown up. Even though you might not have any parameters, basic syntax errors will be sent to STDERR. If you are running on your own server all the errors are sent your error log.

Barbie
Leader of Birmingham Perl Mongers

http://birmingham.pm.org

 

[quebasic2]

My webhost still has a problem with your script. Thanks for all your efforts. Miss barbell. What perl checking program were you using? I need one. Here is the correct code. I fixed a few minor things that you would not have been aware of. How do I check for "varible tainting."

#!/usr/bin/perl

use CGI qwstandard);

&CheckReferingURL;
&GetDate;
&SendSubmission;
&SendAutoReply;

if ($Country == "United States of America&quot{
$Kissingball_Shipping="2.00";
$Wreath_Shipping="8.50";
}else{
$Kissingball_Shipping="3.50";
$Wreath_Shipping="11.00";
}

# get user details
$First_Name = param('First_Name');
$Middle_Initial = param('Middle_Initial');
$Last_Name = param('Last_Name');
$Country = param('Country');
$Address = param('Address');
$City = $Config{'City'};
$State_or_Province = param('State_or_Province');
$Zip_or_Postal = param('Zip_or_Postal');
$Phone_Number = param('$Phone_Number');
$Email = param('Email');
$Pay_Option = param('Pay_Option');

# get colour order details
my @types = qw(Red Blue Mauve);
my @specifics = qw(Traditional Non_Traditional);
my %orders = ();

foreach my $colour (@types) {
$orders{$colour}->{ordered} = param("${colour}"
foreach my $specific (@specifics) {
$orders{$colour}->{$specific} = param("${colour}_${specific}&quot || 0;
}
}

# get teaser order details
$Teasel_Teasers = param('Teasel_Teasers');
$Amount_of_Teasel_Teasers = param('Amount_of_Teasel_Teasers') || 0;

# additional details
$Comments = param('Comments') ||"";
$Name = "$First_Name $Middle_Initial $Last_Name";
$Wreath_Price="25.00";
$Kissingball_Price="3.00";
$Computer_Name=$ENV{REMOTE_ADDR} ||"";
$Browser=$ENV{HTTP_USER_AGENT} ||"";
$Referrer=$ENV{HTTP_REFERER} ||"";
$email_address="wreath2you\@yahoo.com";
$subject="!!FORM FILLOUT!!";
$company_name="Wreath2you";

# Calculate Order & Prepare Invoice
foreach my $colour (@types) {
next unless($orders{$colour}->{ordered} eq 'Yes');

# do calculations
$orders{$colour}->{Shipping} = ($orders{$colour}->{Traditional}+$orders{$colour}->{Non_Traditional})*$Wreath_Shipping;
$orders{$colour}->{Price} = ($orders{$colour}->{Traditional}+$orders{$colour}->{Non_Traditional})*$Wreath_Price;
$orders{$colour}->{Subtotal_Raw_Data} = $orders{$colour}->{Price}+$orders{$colour}->{Shipping};

# format prices for printing
$orders{$colour}->{Subtotal} = FormatPrice($orders{$colour}->{Subtotal_Raw_Data});
$orders{$colour}->{Shipping} = FormatPrice($orders{$colour}->{Shipping});
$orders{$colour}->{Price} = FormatPrice($orders{$colour}->{Price});

$offset = ' ' x (13 - length($colour)); # ensure the positioning of decimal point is correct
$orders{$colour}->{Order}="
$colour:
Traditionals: $orders{$colour}->{Traditional}
Non-Traditionals: $orders{$colour}->{Non_Traditional}
--------------------
Price For $colour Wreaths: $offset $orders{$colour}->{Price}
Shipping For $colour Wreaths: $offset $orders{$colour}->{Shipping}
Subtotal: $orders{$colour}->{Subtotal}
";
}

# calculate prices
$Teaser_Price = $Amount_of_Teasel_Teasers * $Kissingball_Price;
$Teaser_Shipping = $Amount_of_Teasel_Teasers * $Kissingball_Shipping;
$Teaser_Subtotal_Raw_Data = $Teaser_Price + $Teaser_Shipping;

# format prices for printing
$Teaser_Subtotal = FormatPrice($Teaser_Subtotal_Raw_Data);
$Teaser_Shipping = FormatPrice($Teaser_Shipping);
$Teaser_Price = FormatPrice($Teaser_Price);

# Prepare Teaser Invoice
push @types, 'Teaser';
if ($Teasel_Teasers eq "Yes&quot{
$orders{Teaser}->{Subtotal_Raw_Data}=$Teaser_Subtotal_Raw_Data;
$orders{Teaser}->{Order}="
Teasel Teasers:
Quantity: $Amount_of_Teasel_Teasers
--------------------
Price For Teasle Teaser: $Teaser_Price
Shipping For Teasle Teaser: $Teaser_Shipping
Subtotal: $Teaser_Subtotal
";
}

my ($Order,$Cost) = ('',0);
foreach my $type (@types) {
$Order .= $orders{$type}->{Order}.' ';
$Cost += $orders{$type}->{Subtotal_Raw_Data}
}
$Cost = FormatPrice($Cost);

$response_subject="Thank You For Ordering!";
$response_mail="Thank you $First_Name $Middle_Initial, $Last_Name for your order of
$Order
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option

We will respond as quickly as we can. We hope that you will enjoy our product.

Wreath2you";
$thank_you_page="wreaths.port5.com/thankyou.html";
$error_page="wreaths.port5.com/index.html";
$custom_message="
Name: $First_Name $Middle_Initial, $Last_Name
Address:
$Address
$City, $State_or_Province $Zip_or_Postal
$Country

Phone Number: $Phone_Number
Email: $Email

--------------------------------------------------------------

Order:
$Order
------------------------

Total Cost: $Cost

Pay Option: $Pay_Option
--------------------------------------------------------------

Comments:
$Comments

--------------------------------------------------------------

SENDER INFO:
IP: $REMOTE_ADDR
Computer Name: $Computer_Name
Browser Type: $Browser
Page Referer: $Referrer

--------------------------------------------------------------";
print "Location: wreaths.port5.com/thankyou.html\n\n";
}

sub SendSubmission {
open (MAIL,"|/usr/lib/sendmail -t"
print MAIL "To: wreath2you\@yahoo.com\n";
print MAIL "From: $Email\n";
print MAIL "Subject: !!FORM FILLOUT!!\n";
print MAIL "$Date\n\n";
print MAIL "E-Mail Message\n\n";
print MAIL "From: $Name\n";
print MAIL "Email: $Email\n\n";
print MAIL "$custom_message";
close (MAIL);
}

sub SendAutoReply {
open (MAIL,"|$MailProgram -t"
print MAIL "To: $Email\n";
print MAIL "From: wreath2you\@yahoo.com\n";
print MAIL "Subject: Thanks for ordering!\n";
print MAIL "$Date\n\n";
print MAIL "Thanks for you message!\n\n";
print MAIL "$response_mail";
close (MAIL);
}

sub GetDate {
@days = ('Sunday','Monday','Tuesday','Wednesday','Thursday','Friday','Saturday');
@months = ('01','02','03','04','05','06','07','08','09','10','11','12');
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$year = $year+1900;
$Date = "$days[$wday] $months[$mon]/$mday/$year";
}

sub CheckReferingURL {
unless(!$ENV{'HTTP_REFERER'} ||
$ENV{'HTTP_REFERER'} =~ m|

http://www.geocities.com/wreath2you/|i)

{
print "Location:

http://www.geocities.com/wreath2you/\n\n";;

exit;
}
}

sub FormatPrice {
my $price = sprintf("%.2f",$_[0]);
1 while $price =~ s/^(\d+)(\d{3})/$1,$2/;
$price = "\$" . $price;
return sprintf("%9s", $price);
}

 

[missbarbell]

> What perl checking program were you using?

The oldest one in the Perl repertoire:

#!/usr/bin/perl -w
use strict;

I simply ran your code on the command line (I'm currently using Win2k, so DOS window works too) as:

perl myscript.pl

And that was the output that was generated. If you are ever having problems, always try running on the command line, as quite often the errors can be determined quickly.

> How do I check for "varible tainting."

I'm planning to write a FAQ next week on this. There are several ways to approach this, but basically you treat everything from the outside world as suspicious. In order to make a value safe, you use a regex on it, such as:

my $number = param('number'); # unsafe
$number =~ s/\D+//g; # safe

This ensures the value ONLY contains digits. You can obviously make these very complicated, but at it's heart you are ensuring you are only getting the characters the value expects.

For more details see the "CGI/Perl Taint Mode FAQ" [1]

[1]

http://gunther.web66.com/FAQS/taintmode.html

Barbie
Leader of Birmingham Perl Mongers

http://birmingham.pm.org

 

[quebasic2]

I see one problem in my script above, I did not remove the bracket at the end of the main module. It was a sub in missbarbell's recode.

 

[quebasic2]

Okay, my form now functions. Sort of .

I was told that $Email = param('Email'); would take the content of varible Email in my form, and put it in varible $Email so that I could process it in my form. However, my form is not sending any of the form information along. This is what it looks like:

Phone Number:
Email:

How can I fix this?

 

[quebasic2]

One more thing, I need a sub that will send someone to a designated page when the form is submitted. Can someone please add that. Thanks for all your help. I appreciate it so much.

 

[quebasic2]

Will someone please help me, I need to get this up.

 

[sulfericacid]

First thing I would suggest is you don't use initial capping for your variable names, all it does is give you a higher chance of making a typo which could take you ages to debug.

Second, I think I might be blind but I don't see any heredocs or prints in the script, I'd assume it's not the latter since you'd definately get errors to browser for that.

Thirdly, it looks like your variables Phone Number and Email aren't storing any data. To verify this you should do a test print on all your variables to see what comes up missing.

"Age is nothing more than an inaccurate number bestowed upon each of us at birth as just another means for others to judge and classify us- sulfericacid