diff --git a/.gitignore b/.gitignore
index f613791a1a..979a3b974d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@ news/????/index.xsl
news/*/.*.??.xml
global/data/texts/.texts.??.xml
global/data/topbanner/.topbanner.??.xml
+order/catalogue.xml
.default.xsl
.localmenu.*.xml
.*.xmllist
diff --git a/Makefile b/Makefile
index c47c68b63a..021094f93e 100644
--- a/Makefile
+++ b/Makefile
@@ -155,3 +155,6 @@ localmenus: $(SUBDIRS)
all: xmllists
xmllists: $(SUBDIRS)
tools/update_xmllists.sh
+
+order/catalogue.xml: order/catalogue.xsl $(wildcard order/*/item*.xml)
+ (echo -e "\n"; xsltproc $^; echo "") > $@
diff --git a/cgi-bin/weborder.pl b/cgi-bin/weborder.pl
index 7e85ced1b7..ea720f508b 100755
--- a/cgi-bin/weborder.pl
+++ b/cgi-bin/weborder.pl
@@ -23,6 +23,7 @@ use Encode qw(decode encode);
use POSIX qw(strftime);
use Digest::SHA qw(sha1_hex);
use MIME::Lite;
+use XML::LibXML;
use utf8;
# -----------------------------------------------------------------------------
@@ -56,7 +57,7 @@ if ($country_code eq 'DE') {
$shipping = 8;
}
-# Remove all parameters except for items and prices.
+# Remove all parameters except for items.
$query->delete("url", "name", "address", "zip", "city", "country", "email", "phone", "language");
my $lang = substr $language, 0, 2;
@@ -83,13 +84,16 @@ if (!$email) {
exit;
}
+my $catalogue_file = $ENV{"DOCUMENT_ROOT"} . "/order/catalogue.xml";
+my $catalogue = XML::LibXML->load_xml(location => $catalogue_file);
+
my $count = 0;
my $amount = 0;
foreach $item ($query->param) {
$value = $query->param($item);
- if (not $item =~ /^_/ and $value) {
- my $price = $query->param("_$item");
+ if ($value) {
+ my $price = $catalogue->findvalue("/catalogue/item[\@id=\"$item\"]/\@price");
$count += 1;
$amount += $value * $price;
}
@@ -131,8 +135,8 @@ my $body = "$name\n$address\n$zip $city\n$country_name\nPhone: $phone\n\n";
foreach $item ($query->param) {
$value = $query->param($item);
- if (not $item =~ /^_/ and $value) {
- my $price = $query->param("_$item");
+ if ($value) {
+ my $price = $catalogue->findvalue("/catalogue/item[\@id=\"$item\"]/\@price");
$body .= sprintf "%-30s %3u x %5.2f = %6.2f\n", $item, $value, $price, $value * $price;
}
}
@@ -165,8 +169,8 @@ push @odtfill, "ZipCity=" . $zip . " " . $city;
push @odtfill, "Country=" . $country_name;
foreach $item ($query->param) {
$value = $query->param($item);
- if (not $item =~ /^_/ and $value) {
- my $price = $query->param("_$item");
+ if ($value) {
+ my $price = $catalogue->findvalue("/catalogue/item[\@id=\"$item\"]/\@price");
push @odtfill, "Count=" . $value;
push @odtfill, "Item=" . $item;
push @odtfill, "Amount=" . sprintf "%.2f", $value * $price;
diff --git a/order/catalogue.xsl b/order/catalogue.xsl
new file mode 100644
index 0000000000..2510426634
--- /dev/null
+++ b/order/catalogue.xsl
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
+
+
+
+ _
+
+
+
+
+
+
diff --git a/order/order.xsl b/order/order.xsl
index 437a200b74..9301f0f70c 100644
--- a/order/order.xsl
+++ b/order/order.xsl
@@ -127,21 +127,6 @@
-
-
-
- hidden
-
- _
-
- _
-
-
-
-
-
-
-