Source files of fsfe.org, pdfreaders.org, freeyourandroid.org, ilovefs.org, drm.info, and test.fsfe.org. Contribute: https://fsfe.org/contribute/web/

weborder.pl 8.1KB


#!/usr/bin/perl
# -----------------------------------------------------------------------------
# Process merchandise order
# -----------------------------------------------------------------------------
# Copyright (C) 2008-2019 Free Software Foundation Europe <contact@fsfe.org>
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Affero General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option) any
# later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
# details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>
# -----------------------------------------------------------------------------
use utf8;

use CGI;
use Digest::SHA qw(sha1_hex);
use Encode qw(decode encode);
use File::Temp qw(tempdir);
use MIME::Lite;
use POSIX qw(strftime);
  26. # -----------------------------------------------------------------------------
  27. # Get parameters
  28. # -----------------------------------------------------------------------------
  29. my $query = new CGI;
  30. if ($query->param("url")) {
  31. print "Content-type: text/html\n\n";
  32. print "<p>Invalid input!</p>\n";
  33. exit;
  34. }
  35. my $name = decode("utf-8", $query->param("name"));
  36. my $address = decode("utf-8", $query->param("address"));
  37. my $email = decode("utf-8", $query->param("email"));
  38. my $phone = decode("utf-8", $query->param("phone"));
  39. my $language = $query->param("language");
  40. # Remove all parameters except for items and prices.
  41. $query->delete("url", "name", "address", "email", "phone", "language");
  42. my $lang = substr $language, 0, 2;
  43. # -----------------------------------------------------------------------------
  44. # Calculate total amount and do some sanity checks
  45. # -----------------------------------------------------------------------------
  46. if (!$name) {
  47. print "Content-type: text/html\n\n";
  48. print "<p>Please enter your name!</p>\n";
  49. exit;
  50. }
  51. if (!$email) {
  52. print "Content-type: text/html\n\n";
  53. print "<p>Please enter your email address!</p>\n";
  54. exit;
  55. }
  56. my $count = 0;
  57. my $amount = 0;
  58. foreach $item ($query->param) {
  59. $value = $query->param($item);
  60. if (not $item =~ /^_/ and $value) {
  61. my $price = $query->param("_$item");
  62. $count += 1;
  63. $amount += $value * $price;
  64. }
  65. }
  66. if ($count < 2) {
  67. print "Content-type: text/html\n\n";
  68. print "<p>No items selected!</p>\n";
  69. exit;
  70. }
  71. if ($amount > 999) {
  72. print "Content-type: text/html\n\n";
  73. print "<p>Sorry, total amount too large.</p>\n";
  74. exit;
  75. }
  76. my $amount_f = sprintf "%.2f", $amount ;
  77. my $amount100 = $amount * 100;
  78. my $vat = sprintf "%.2f", ($amount_f / 1.19) * 0.19;
  79. my $net = sprintf "%.2f", $amount_f - $vat;
  80. # -----------------------------------------------------------------------------
  81. # Create payment reference for this order
  82. # -----------------------------------------------------------------------------
  83. my $date = strftime("%j", localtime);
  84. my $time = strftime("%s", localtime);
  85. my $reference = "MP" . $date . (substr $time, -4) . (sprintf "%03u", $amount);
  86. # -----------------------------------------------------------------------------
  87. # Compile email text
  88. # -----------------------------------------------------------------------------
  89. my $body = "$name\n$address\nPhone: $phone\n\n";
  90. foreach $item ($query->param) {
  91. $value = $query->param($item);
  92. if (not $item =~ /^_/ and $value) {
  93. my $price = $query->param("_$item");
  94. $body .= sprintf "%-30s %3u x %5.2f = %6.2f\n", $item, $value, $price, $value * $price;
  95. }
  96. }
  97. $body .= "---------------------------------------------------\n";
  98. $body .= sprintf("Total amount € %6.2f\n", $amount);
  99. $body .= "===================================================\n";
  100. # -----------------------------------------------------------------------------
  101. # Generate invoice
  102. # -----------------------------------------------------------------------------
  103. my @odtfill = qw();
  104. # odtfill script
  105. push @odtfill, $ENV{"DOCUMENT_ROOT"} . "/cgi-bin/odtfill";
  106. # template file
  107. push @odtfill, $ENV{"DOCUMENT_ROOT"} . "/templates/invoice.odt";
  108. # output file
  109. push @odtfill, "/tmp/invoice.odt";
  110. # placeholder replacements
  111. push @odtfill, "repeat=" . $count;
  112. push @odtfill, "Name=" . $name;
  113. push @odtfill, "Address=" . $address =~ s/\n/\\n/gr;
  114. foreach $item ($query->param) {
  115. $value = $query->param($item);
  116. if (not $item =~ /^_/ and $value) {
  117. my $price = $query->param("_$item");
  118. push @odtfill, "Count=" . $value;
  119. push @odtfill, "Item=" . $item;
  120. push @odtfill, "Amount=" . sprintf "%.2f", $value * $price;
  121. }
  122. }
  123. push @odtfill, "Total=" . $amount_f;
  124. push @odtfill, "Net=" . $net;
  125. push @odtfill, "Vat=" . $vat;
  126. push @odtfill, "Code=" . $reference;
  127. # run the script
  128. system @odtfill;
  129. # -----------------------------------------------------------------------------
  130. # Send email to OTRS
  131. # -----------------------------------------------------------------------------
  132. $msg = MIME::Lite->new(
  133. "From:" => encode("MIME-Q", $name) . " <$email>",
  134. "To:" => "contact\@fsfe.org",
  135. "Subject:" => "$reference",
  136. "X-OTRS-Queue:" => "Finance::Merchandise Orders",
  137. "X-OTRS-DynamicField-OrderID:" => "$reference",
  138. "X-OTRS-DynamicField-OrderAmount:" => "$amount",
  139. "X-OTRS-DynamicField-OrderLanguage:" => "$language",
  140. "X-OTRS-DynamicField-OrderState:" => "order",
  141. Type => "multipart/mixed");
  142. $msg->attach(
  143. Type => "text/plain; charset=utf-8",
  144. Encoding => "8bit",
  145. Data => encode("utf-8", $body));
  146. $msg->attach(
  147. Type => "application/vnd.oasis.opendocument.text",
  148. Path => "/tmp/invoice.odt");
  149. $msg->send("sendmail", FromSender => $email);
  150. # -----------------------------------------------------------------------------
  151. # Generate form for ConCardis payment
  152. # -----------------------------------------------------------------------------
  153. my $passphrase = "Only4TestingPurposes";
  154. my $shastring =
  155. "ACCEPTURL=http://fsfe.org/order/thankyou.$lang.html$passphrase" .
  156. "AMOUNT=$amount100$passphrase" .
  157. "CANCELURL=http://fsfe.org/order/cancel.$lang.html$passphrase" .
  158. "CN=$name$passphrase" .
  159. "CURRENCY=EUR$passphrase" .
  160. "EMAIL=$email$passphrase" .
  161. "LANGUAGE=$language$passphrase" .
  162. "ORDERID=$reference$passphrase" .
  163. "PMLISTTYPE=2$passphrase" .
  164. "PSPID=40F00871$passphrase" .
  165. "TP=https://fsfe.org/order/tmpl-concardis.$lang.html$passphrase";
  166. my $shasum = uc sha1_hex($shastring);
  167. my $form = " <!-- payment parameters -->\n" .
  168. " <input type=\"hidden\" name=\"PSPID\" value=\"40F00871\"/>\n" .
  169. " <input type=\"hidden\" name=\"orderID\" value=\"$reference\"/>\n" .
  170. " <input type=\"hidden\" name=\"amount\" value=\"$amount100\"/>\n" .
  171. " <input type=\"hidden\" name=\"currency\" value=\"EUR\"/>\n" .
  172. " <input type=\"hidden\" name=\"language\" value=\"$language\"/>\n" .
  173. " <input type=\"hidden\" name=\"CN\" value=\"$name\"/>\n" .
  174. " <input type=\"hidden\" name=\"EMAIL\" value=\"$email\"/>\n" .
  175. " <!-- interface template -->\n" .
  176. " <input type=\"hidden\" name=\"TP\" value=\"https://fsfe.org/order/tmpl-concardis.$lang.html\"/>\n" .
  177. " <input type=\"hidden\" name=\"PMListType\" value=\"2\"/>\n" .
  178. " <!-- post-payment redirection -->\n" .
  179. " <input type=\"hidden\" name=\"accepturl\" value=\"http://fsfe.org/order/thankyou.$lang.html\"/>\n" .
  180. " <input type=\"hidden\" name=\"cancelurl\" value=\"http://fsfe.org/order/cancel.$lang.html\"/>\n" .
  181. " <!-- SHA1 signature -->\n" .
  182. " <input type=\"hidden\" name=\"SHASign\" value=\"$shasum\"/>";
  183. # -----------------------------------------------------------------------------
  184. # Lead user to "thankyou" page
  185. # -----------------------------------------------------------------------------
  186. print "Content-type: text/html\n\n";
  187. open TEMPLATE, $ENV{"DOCUMENT_ROOT"} . "/order/tmpl-thankyou." . $lang . ".html";
  188. while (<TEMPLATE>) {
  189. s/:AMOUNT:/$amount_f/g;
  190. s/:REFERENCE:/$reference/g;
  191. s/:FORM:/$form/g;
  192. print;
  193. }
  194. close TEMPLATE;