A CGI script for processing order forms, developed in 2004. Handles order submissions with fields for product name, model, condition, notes, company name, contact person, email, website, city, and phone. Features include: form validation, profanity filtering, duplicate request prevention, order status tracking (executed/not executed), admin interface for marking orders as executed, pagination (4 orders per page), IP address and browser tracking, and template-based HTML output.
This script does not use a database. Instead, it reads and writes data directly to plain text files:
<gbrec> tagsThis file-based approach was common in 2004 when database setup was more complex and many shared hosting providers didn't include database access. The script parses the text files line by line, extracts order data using pattern matching, and writes new orders by appending to the file. While simpler than database-driven solutions, this approach works well for small to medium-sized order management systems.
#!/usr/bin/perl
sub ReqDecoder
{
my($i, $t1, $t2, %hash);
foreach (split /&/,$_[0])
{
s/\+/ /g;
if (/=/)
{
$t1 = $`;
$t2 = $';
$t1 =~ s/%([0-9A-H]{2})/pack('C',hex($1))/egi;
$t2 =~ s/%([0-9A-H]{2})/pack('C',hex($1))/egi;
$t1 =~ tr/a-z/A-Z/;
$hash{$t1} = $t2;
}
}
return %hash;
}
################################################################################################
sub WriteBook
{
my($ans, $ok, $test, @time);
$ans = "РЕЗУЛЬТАТ:<br>\n";
$ok = 0;
open (lastreq, "<lastreq.dat") || sub {$ans .= "Файла данных запроса нет - не могу прочитать!<br>\n";};
$test = <lastreq>;
close (lastreq);
if ($q eq $test)
{
return $ans."Повторный запрос - отклонен...<br>\n";
}
else
{
open (lastreq, ">lastreq.dat") || sub {$ans .= "Не могу записать в файл данных запроса!<br>\n";};
print lastreq $q;
close (lastreq);
}
if ($req{'CBTOVAR'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Товар не указан!<br>\n";
}
if ($req{'EDMODEL'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Модель не указана!<br>\n";
}
if ($req{'CBSTATUS'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Состояние не указано!<br>\n";
}
if ($req{'EDFIRMA'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Название фирмы не указано!<br>\n";
}
if ($req{'EDTOWN'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Город не указан!<br>\n";
}
if ($req{'EDTELNUM'} =~ /\S/)
{
$ok++;
}
else
{
$ans .= "Телефон не указан!<br>\n";
}
if ($req{'MMPRIMETA'} =~ /\S/)
{
$req{'MMPRIMETA'} = substr $req{'MMPRIMETA'}, 0, 512;
$req{'MMPRIMETA'} =~ s/&/&/g;
$req{'MMPRIMETA'} =~ s/</</g;
$req{'MMPRIMETA'} =~ s/>/>/g;
$req{'MMPRIMETA'} =~ s/\r\n/<br>/g;
if ($req{'MMPRIMETA'} =~ /ху[йеяе]/i || $req{'MSG'} =~ /пизд/i || $req{'MSG'} =~ /бля/i || $req{'MSG'} =~ /fuck/i)
{
$ans .= ">У нас не матерятся: "..$&.."...<br>\n";
}
else
{
$ok++;
}
}
else
{
$ok++;
}
if ($ok == 7)
{
open(gb, ">>zakaz.txt") || sub {$ans .= "Не могу открыть файл записей!<br>\n";};
print gb "<gbrec>\n";
print gb "Executed > no\n";
print gb "From > $ENV{'REMOTE_ADDR'}\n";
print gb "Browser > $ENV{'HTTP_USER_AGENT'}\n";
print gb "Referer > $ENV{'HTTP_REFERER'}\n";
print gb "CBTOVAR > $req{'CBTOVAR'}\n";
print gb "EDMODEL > $req{'EDMODEL'}\n";
print gb "CBSTATUS > $req{'CBSTATUS'}\n";
print gb "MMPRIMETA > $req{'MMPRIMETA'}\n" if ($req{'MMPRIMETA'});
print gb "EDFIRMA > $req{'EDFIRMA'}\n";
print gb "EDNAME > $req{'EDNAME'}\n" if ($req{'EDNAME'});
print gb "EDMAIL > $req{'EDMAIL'}\n" if ($req{'EDMAIL'});
print gb "EDSITE > $req{'EDSITE'}\n" if ($req{'EDSITE'});
print gb "EDTOWN > $req{'EDTOWN'}\n";
print gb "EDTELNUM > $req{'EDTELNUM'}\n";
@time = localtime(time);
@time[0] = (@time[0] < 10) ? "0".@time[0] : @time[0];
@time[1] = (@time[1] < 10) ? "0".@time[1] : @time[1];
@time[2] = (@time[2] < 10) ? "0".@time[2] : @time[2];
@time[3] = (@time[3] < 10) ? "0".@time[3] : @time[3];
@time[4]++;
@time[4] = (@time[4] < 10) ? "0".@time[4] : @time[4];
@time[5] = @time[5] + 1900;
print gb "TIME > @time[3].@time[4].@time[5] @time[2]:@time[1]:@time[0]\n";
print gb "</gbrec>\n\n";
close(gb);
$count++;
open(st, ">zakaz.dat") || return $ans."Не могу записать в файл данных!<br.\n";
print st $count."\n";
close(st);
$ans .= "Запись успешно добавлена!<br>\n";
$succAdd = "true";
}
else
{
$ans .= "Запись не может быть добавлена!<br>\n";
$succAdd = "false";
}
return $ans;
}
################################################################################################
sub GuestBook
{
my($i, $str, %current);
print "\n\n<!-- here zakaz begins -->\n\n";
open(gb, "zakaz.txt") || sub {$ans .= "Файла записей нет - добавьте хотя бы одну запись!<br>\n";};
$i = 0;
do
{
while (($str = <gb>) && ($str !~ /<gbrec>/i)) {} #нашли начало записи (или конец файла)
while (($str = <gb>) && ($str !~ /<\/gbrec>/i)) #обработка, пока не конец записи (или файла)
{
chomp($str);
$current{$`} = $' if ($str =~ / > /); #если подходит под шаблон - добавляем в хеш %current
}
if (%current)
{
$i++;
if ($i >= $req{'READFROM'} && $i <= $req{'READTO'})
{
$current{'Executed'} = "<a href=http://$ENV{'HTTP_HOST'}/cgi-bin/zakaz.cgi?readfrom=$req{'READFROM'}&readto=$req{'READTO'}&authority=$req{'AUTHORITY'}&action=sanitarize&what=$i>" . (($current{'Executed'} =~ /yes/i) ? "да" : "нет") . "</a>";
print <<EOF;
<TABLE class=output_form>
<TR>
<TD><B>Заказ №$i</B></TD>
<TD>Поступил $current{'TIME'} IP: $current{'From'}</TD></TR>
<TR>
<TD><B>Выполнен:</B></TD>
<TD>$current{'Executed'}</TD></TR>
<TR>
<TD>Наименование товара:</TD>
<TD>$current{'CBTOVAR'}</TD></TR>
<TR>
<TD>Модель(марка) товара:</TD>
<TD>$current{'EDMODEL'}</TD></TR>
<TR>
<TD>Состояние:</TD>
<TD>$current{'CBSTATUS'}</TD></TR>
<TR>
<TD>Примечание:</TD>
<TD>$current{'MMPRIMETA'}</TD></TR>
<TR>
<TD>Название фирмы(оргнизации):</TD>
<TD>$current{'EDFIRMA'}</TD></TR>
<TR>
<TD>Контактное лицо:</TD>
<TD>$current{'EDNAME'}</TD></TR>
<TR>
<TD>E-Mail:</TD>
<TD>$current{'EDMAIL'}</TD></TR>
<TR>
<TD>Сайт:</TD>
<TD>$current{'EDSITE'}</TD></TR>
<TR>
<TD>Город:</TD>
<TD>$current{'EDTOWN'}</TD></TR>
<TR>
<TD>Телефон:</TD>
<TD>$current{'EDTELNUM'}</TD></TR>
</TABLE>
EOF
}
}
%current = %a; #убили хеш
}
until (eof || $i > $req{'READTO'});
print "Заказная книга пуста - добавьте хотя бы одну запись!<br>\n" if ($i == 0);
close(gb);
print "\n\n<!-- here zakaz ends -->\n\n";
}
################################################################################################
sub SanitarizeGuestBook
{
my($ans, $i, $str);
$ans = "Обработка Заказной книги:<br>\n";
open(newgb,">>zakaz.tmp") || return $ans."Не могу создать новый файл записей!<br>\n";
open(gb, "zakaz.txt") || return $ans."Не могу открыть старый файл записей!<br>\n";
$i = 0;
$count = 0;
do
{
while (($str = <gb>) && ($str !~ /<gbrec>/i)) {} #нашли начало записи (или конец файла)
while (($str = <gb>) && ($str !~ /<\/gbrec>/i)) #обработка, пока не конец записи или файла
{
chomp($str);
$current{$`} = $' if ($str =~ / > /); #если подходит под шаблон - добавляем в хеш
}
if (%current)
{
$i++;
if (!$_[0] && $current{'Executed'} =~ /no/)
{
$count++;
print newgb "\n<gbrec>\n";
foreach $key (sort(keys %current))
{
print newgb "$key > $current{$key}\n";
}
print newgb "<\/gbrec>\n";
}
elsif($_[0])
{
if ($i == $_[0])
{
$current{'Executed'} = ($current{'Executed'} =~ /no/) ? "yes" : "no";
}
$count++;
print newgb "\n<gbrec>\n";
foreach $key (sort(keys %current))
{
print newgb "$key > $current{$key}\n";
}
print newgb "<\/gbrec>\n";
}
}
%current = %a; #убили хеш
}
until (eof gb);
$ans .= "Заказная книга оказалась пуста - нечего было обрабатывать!<br>\n" if ($i == 0);
close(gb);
close(newgb);
unlink "zakaz.txt";
rename "zakaz.tmp", "zakaz.txt";
open(st, ">zakaz.dat") || return $ans."Не могу записать в файл данных!<br.\n";
print st $count."\n";
close(st);
return $ans."Обработано $count записей (всего было $i).\n";
}
################################################################################################
sub Numbers
{
my($ans, $i, $k);
$ans = "\n<!-- here numbers begin -->\n";
for ($i = 1; $i < $count; $i+=$_[0])
{
$k = $i + $_[0];
$k = $count if $k > $count;
if ($i >= $req{'READFROM'} && $k <= $req{'READTO'})
{
$ans .= "[$i..$k]\n";
}
else
{
$ans .= "<a href=http://$ENV{'HTTP_HOST'}/cgi-bin/zakaz.cgi?readfrom=$i&readto=$k" . (($imboss) ? "&authority=$req{'AUTHORITY'}" : "") . ">[$i..$k]</a>\n";
}
}
$ans .= "<br>\n<!-- here numbers end -->\n";
return $ans;
}
################################################################################################
sub CheckBoss
{
my($pw,$ans);
if (open(pwf, "passwd.dat"))
{
$pw = <pwf>;
$ans = ($_[0] eq $pw);
close(pwf);
}
else
{
open(pwf, ">passwd.dat");
print pwf $_[0];
$ans = true;
close(pwf);
}
return $ans;
}
################################################################################################
sub Error
{
print $_[0];
}
################################################################################################
if ($ENV{'REQUEST_METHOD'} =~ /get/i)
{
$q = ($ENV{'QUERY_STRING'});
}
if ($ENV{'REQUEST_METHOD'} =~ /post/i)
{
sysread STDIN, $q = ($ENV{'QUERY_STRING'}), $ENV{'CONTENT_LENGTH'};
}
%req = ReqDecoder($q);
################################################################################################
print "Content-Type: text/html\n\n";
open SHABLON, "zakaz.dot" || Error("Отсутствует шаблон страницы!<br>\n");
while (($str = <SHABLON>) !~ /<!--%zakaz%-->/i)
{
print $str;
}
################################################################################################
$imboss = CheckBoss($req{'AUTHORITY'}) if ($req{'AUTHORITY'});
open(st, "zakaz.dat") || Error("Файла данных нет - необходимо инициализировать счетчик!<br>\n");
$count = <st>;
$count = $& if ($count =~ /\d+/g);
close(st);
################################################################################################
$succAdd = "true";
$a = WriteBook if ($req{'ACTION'} =~ /add/i);
if ($imboss)
{
if (!$req{'READFROM'} || !$req{'READTO'} || $req{'READFROM'} > $count || $req{'READFROM'} > $req{'READTO'})
{
$req{'READFROM'} = $count - 4;
$req{'READTO'} = $count;
}
print "<a href=http://$ENV{'HTTP_HOST'}/cgi-bin/zakaz.cgi?action=sanitarize&authority=$req{'AUTHORITY'}>|Удалить выполненные заказы|</a><br>";
print Numbers(4);
print SanitarizeGuestBook($req{'WHAT'}) if ($req{'ACTION'} =~ /sanitarize/i);
GuestBook;
print Numbers(4);
print "<a href=http://$ENV{'HTTP_HOST'}/cgi-bin/zakaz.cgi?action=sanitarize&authority=$req{'AUTHORITY'}>|Удалить выполненные заказы|</a><br>";
}
################################################################################################
else
{
if ($succAdd ne "true")
{
$req{'MMPRIMETA'} =~ s/<br>/\n/g;
print $a."Исправьте, пожалуйста, неверные поля:<br>";
}
else
{
print $a;
%req = %a;
}
print <<EOF;
<FORM action="http://$ENV{'HTTP_HOST'}/cgi-bin/zakaz.cgi" method=post>
<TABLE class=input_form border=0 cellPadding=0 cellSpacing=0>
<TR>
<TD>*Наименование товара</TD>
<TD>
<INPUT name=ACTION type=hidden value=ADD> <SELECT id=CbTovar
name=CbTovar> <OPTION selected>Погрузчик</OPTION>
<OPTION>Штабелер</OPTION> <OPTION>Тележка</OPTION>
<OPTION>Электротележка</OPTION> <OPTION>Электротягач</OPTION>
<OPTION>Аккумуляторная батарея</OPTION> <OPTION>Запасная
часть(и)</OPTION> <OPTION>Другое...</OPTION></SELECT></TD></TR>
<TR>
<TD>*Модель(марка) товара</TD>
<TD><INPUT id=EdModel name=EdModel value="$req{'EDMODEL'}"></TD></TR>
<TR>
<TD>*Состояние</TD>
<TD><SELECT id=CbStatus name=CbStatus ?> <OPTION
selected>Новый(ая)</OPTION> <OPTION>Б/у</OPTION></SELECT> </TD></TR>
<TR>
<TD>Примечание</TD>
<TD><TEXTAREA cols=70 id=MmPrimeta name=MmPrimeta rows=6>$req{'MMPRIMETA'}</TEXTAREA></TD></TR>
<TR>
<TD colSpan=2 align=center><H1>Координаты для связи с Вами</H1></TD></TR>
<TR>
<TD>*Название фирмы(оргнизации)</TD>
<TD><INPUT id=EdFirma name=EdFirma value="$req{'EDFIRMA'}"> </TD></TR>
<TR>
<TD>Контактное лицо</TD>
<TD><INPUT id=EdName name=EdName value="$req{'EDNAME'}"></TD></TR>
<TR>
<TD>E-Mail</TD>
<TD><INPUT id=EdMail name=EdMail value="$req{'EDMAIL'}"></TD></TR>
<TR>
<TD>Сайт</TD>
<TD><INPUT id=EdSite name=EdSite value="$req{'EDSITE'}"></TD></TR>
<TR>
<TD>*Город</TD>
<TD><INPUT id=EdTown name=EdTown value="$req{'EDTOWN'}"></TD></TR>
<TR>
<TD>*Телефон</TD>
<TD><INPUT id=EdTelNum name=EdTelNum value="$req{'EDTELNUM'}"></TD></TR>
<TR>
<TD colSpan=2 align=middle><INPUT name=Submit type=submit value="Отправить заказ"> </TD></TR></TABLE></FORM>
EOF
}
################################################################################################
do
{
$str = <SHABLON>;
print $str;
}
until (eof);
close(SHABLON);
################################################################################################
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML>
<HEAD><TITLE>Заказ</TITLE>
<BASE href=kusaku/sss/>
<META NAME="GENERATOR" Content="MSHTML 5.00.3700.6699">
<LINK rel="stylesheet" href="aks_images/styles.css" type="text/css">
<SCRIPT LANGUAGE=javascript>
<!--
imageLoader =
{
imageArray: new Array(),
cache: function()
{
for (var i=0; i<imageLoader.cache.arguments.length; i++)
{
imageLoader.imageArray[i] = new Image();
imageLoader.imageArray[i].src = imageLoader.cache.arguments[i];
}
}
}
imageLoader.cache("aks_images/cart_off.gif", "aks_images/cart_on.gif");
floater =
{
fly: null,
moveEnabled: false,
shrinkEnabled: false,
dleft: 0,
dtop: 0,
timer: null,
move: function()
{
if (event.clientX < 15 || event.clientY < 15) return;
fly.style.left = (event.clientX - floater.dleft - 2) + "px";
fly.style.top = (event.clientY - floater.dtop - 2) + "px";
},
morph: function(c,t,l,w,h)
{
var n = 25;
if (c==0)
{
clearTimeout(floater.timer);
floater.top_delta = ((floater.ct = floater.fly.offsetTop) - t)/n;
floater.left_delta = ((floater.cl = floater.fly.offsetLeft) - l)/n;
//floater.width_delta = ((floater.cw = floater.fly.offsetWidth) - w)/n;
//floater.hight_delta = ((floater.ch = floater.fly.offsetHeight) - h)/n;
floater.timer = setTimeout("floater.morph(" + (c + 1) + ");", 10);
}
else if (c>n)
clearTimeout(floater.timer);
else
{
floater.fly.style.top = Math.round(floater.ct -= floater.top_delta) + 'px';
floater.fly.style.left = Math.round(floater.cl -= floater.left_delta) + 'px';
//floater.fly.style.width = Math.round(floater.cw -= floater.width_delta) + 'px';
//floater.fly.style.height = Math.round(floater.ch -= floater.hight_delta) + 'px';
floater.timer = setTimeout("floater.morph(" + (c + 1) + ");", 10);
}
},
hooker: function(action)
{
var dig = event.srcElement;
var x = dig.offsetLeft;
var y = dig.offsetTop;
var w = dig.offsetWidth;
var h = dig.offsetHeight;
while (dig = dig.offsetParent)
{
x += dig.offsetLeft;
y += dig.offsetTop;
}
if (action=="mouseover") floater.fly.src = "aks_images/cart_on.gif";
if (action=="mouseout") floater.fly.src = "aks_images/cart_off.gif";
if (event.srcElement.tagName=="IMG")
floater.morph(0, y - 33, x + w/2 - 25, w, h);
},
init: function()
{
var SafeAttachEvt = function (my_event, handler)
{
if (eval(my_event))
{
var old_handler = eval(my_event);
eval(my_event + " = function(){old_handler();handler();}");
}
else
eval(my_event + " = function(){handler();}");
}
floater.fly = new Image();
floater.fly.src = "aks_images/cart_off.gif";
floater.fly.style.position = "absolute";
floater.fly.style.left = "-100px";
floater.fly.style.top = "-100px";
document.body.appendChild(floater.fly);
for (var i=0; i< document.links.length; i++)
{
document.links[i].attachEvent("onmouseover", function(){floater.hooker("mouseover")});
document.links[i].attachEvent("onmouseout", function(){floater.hooker("mouseout")});
}
}
}
window.onload = function(){ floater.init();}
//-->
</SCRIPT>
</HEAD>
<BODY bottomMargin=0 leftMargin=0 rightMargin=0 topMargin=0>
<TABLE border=0 cellPadding=0 cellSpacing=0 height="100%" style="HEIGHT: 100%"
width="100%">
<TR>
<TD background="">
<TABLE bgColor=#006600 border=0 cellPadding=0 cellSpacing=0
style="WIDTH: 100%" width="100%">
<TR>
<TD><IMG alt=""
src="aks_images/logo.gif"></TD>
<TD align=middle style="WIDTH: 100%" width="100%"><FONT
color=lime>баннер сюда!</FONT> </TD></TR></TABLE>
<TABLE border=0 cellPadding=0 cellSpacing=0 width="100%">
<TR>
<TD align=middle background=aks_images/cart_back.gif><IMG alt=""
src="aks_images/cart_back.gif"></TD></TR></TABLE></TD></TR>
<TR>
<TD background=aks_images/bar.gif>
<TABLE border=0 cellPadding=0 cellSpacing=0 height="100%"
style="HEIGHT: 100%" width="100%">
<TR>
<TD><IMG alt="" src="aks_images/bar.gif"></TD>
<TD align=middle vAlign=top><A href="http://" id=aaa><IMG alt=""
border=0 height=32 hspace=0 src="aks_images/about.gif" style="HEIGHT: 32px; WIDTH: 128px" useMap="" width=128 ></A></TD>
<TD align=middle vAlign=top><A href="/cgi-bin/zakaz.cgi"><IMG alt=""
border=0 height=32 hspace=0 src="aks_images/zakaz.gif"
style="HEIGHT: 32px; WIDTH: 128px" useMap="" width=128></A></TD>
<TD align=middle vAlign=top><A href="http://"><IMG alt="" border=0
height=32 hspace=0 src="aks_images/servis.gif"
style="HEIGHT: 32px; WIDTH: 128px" useMap="" width=128></A></TD>
<TD align=middle vAlign=top><A href="http://"><IMG alt="" border=0
height=32 hspace=0 src="aks_images/zapchasti.gif"
style="HEIGHT: 32px; WIDTH: 128px" useMap=""
width=128></A></TD></TR></TABLE></TD></TR>
<TR>
<TD bgColor=#99cc99 height="100%" style="HEIGHT: 100%">
<TABLE border=0 cellPadding=0 cellSpacing=0 height="100%"
style="HEIGHT: 100%" width="100%">
<TR>
<TD align=middle background=aks_images/grad_g.gif><IMG alt=""
src="aks_images/grad_g.gif"></TD>
<TD background="" bgColor=#006600 style="WIDTH: 1px" width=1></TD>
<TD align=middle background=aks_images/grad_w.gif style="WIDTH: 600px"
width=600><IMG alt="" src="aks_images/grad_w.gif"></TD>
<TD background="" bgColor=#006600 style="WIDTH: 1px" width=1></TD>
<TD align=middle background=aks_images/grad_g.gif><IMG alt=""
src="aks_images/grad_g.gif"></TD></TR>
<TR>
<TD></TD>
<TD bgColor=#006600 height="100%" style="HEIGHT: 100%"></TD>
<TD bgColor=white height="100%" style="HEIGHT: 100%; WIDTH: 750px"
width=750>
<TABLE border=0 cellPadding=5 cellSpacing=0 height="100%"
style="HEIGHT: 100%" width="100%">
<TR>
<TD align=middle vAlign=top><IMG alt=""
src="aks_images/cart.gif"> <HR>
<!--%zakaz%-->
</TD></TR></TABLE></TD>
<TD bgColor=#006600></TD>
<TD></TD></TR></TABLE></TD></TR>
<TR>
<TD align=middle bgColor=#006600 height=1 style="HEIGHT: 1px"></TD></TR>
<TR>
<TD align=middle bgColor=#99cc99><FONT size=2>Design by </FONT><A
href="http://www.ozarenie.spb.ru/"><FONT size=2>Ozarenie</FONT></A><FONT
size=2> (альтернативный дизайн от </FONT><A
href="https://kusaku.su/"><FONT size=2>kusaku</FONT></A><FONT
size=2>)</FONT> </TD></TR></TABLE></BODY>
</HTML>