Diff -- /var/www/vhosts/3dshawn.com/shop.3dshawn.com/buyer_login.cgi
Diff

/var/www/vhosts/3dshawn.com/shop.3dshawn.com/buyer_login.cgi

added on local at 2026-07-01 22:09:30

Added
+255
lines
Removed
-0
lines
Context
0
unchanged
Blobs
from
to d776ba3e504e
Restore this content →
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.
1#!/usr/bin/perl
2#======================================================================
3# ShopCart -- buyer auth (login + signup + logout).
4#
5# Consolidates the former trio via SCRIPT_NAME dispatch:
6# buyer_login.cgi -- login form + POST handler (primary)
7# buyer_signup.cgi -- signup form + POST handler
8# buyer_logout.cgi -- session revoke + cookie clear + 302 back
9#
10# All three share the same MODS::ShopCart::BuyerAuth surface; the
11# per-storefront cookie / theme wiring is identical across entries.
12#======================================================================
13use strict;
14use warnings;
15
16use lib '/var/www/vhosts/3dshawn.com/shop.3dshawn.com';
17use CGI;
18use MODS::Template;
19use MODS::DBConnect;
20use MODS::ShopCart::Config;
21use MODS::ShopCart::BuyerAuth;
22use MODS::ShopCart::Themes;
23
24my $q = CGI->new;
25my $form = $q->Vars;
26my $tfile = MODS::Template->new;
27my $db = MODS::DBConnect->new;
28my $cfg = MODS::ShopCart::Config->new;
29my $auth = MODS::ShopCart::BuyerAuth->new;
30my $themes = MODS::ShopCart::Themes->new;
31my $DB = $cfg->settings('database_name');
32
33$| = 1;
34
35my $entry = ($ENV{SCRIPT_NAME} || '') =~ m{/([^/]+)\.cgi$} ? $1 : 'buyer_login';
36
37if ($entry eq 'buyer_signup') { _ba_signup(); exit; }
38elsif ($entry eq 'buyer_logout') { _ba_logout(); exit; }
39else { _ba_login(); exit; }
40
41#======================================================================
42# buyer_login.cgi -- login form + POST handler
43#======================================================================
44sub _ba_login {
45 my $sid = $form->{id} || $form->{storefront_id} || 0;
46 $sid =~ s/[^0-9]//g;
47
48 my $dbh = $db->db_connect();
49 my $store;
50 if ($sid) {
51 $store = $db->db_readwrite($dbh,
52 qq~SELECT id, name, subdomain, theme_id FROM `${DB}`.storefronts WHERE id='$sid' LIMIT 1~,
53 $ENV{SCRIPT_NAME}, __LINE__);
54 }
55 unless ($store && $store->{id}) {
56 $db->db_disconnect($dbh);
57 print "Status: 302 Found\nLocation: /\n\n";
58 return;
59 }
60
61 my $err = '';
62 my $email_in = '';
63
64 if (($ENV{REQUEST_METHOD} || '') eq 'POST') {
65 $email_in = $form->{email} || '';
66 my $pw = $form->{password} || '';
67
68 my ($buyer, $cookie) = $auth->login($db, $dbh, $DB, $store->{id}, $email_in, $pw);
69 if (ref($buyer) eq 'HASH' && $buyer->{error}) {
70 $err = $buyer->{error};
71 } elsif ($buyer && $buyer->{id}) {
72 my $track_token = '';
73 my $raw_cookie = $ENV{HTTP_COOKIE} || '';
74 if ($raw_cookie =~ /(?:^|;\s*)shopcart_track=([a-f0-9-]{36})/) {
75 $track_token = $1;
76 }
77 if ($track_token) {
78 require MODS::ShopCart::Tracking;
79 my $tr = MODS::ShopCart::Tracking->new;
80 $tr->link_session_to_buyer($db, $dbh, $DB, $track_token, $buyer->{id});
81 }
82
83 $db->db_disconnect($dbh);
84 print "Status: 302 Found\n";
85 print "Set-Cookie: $cookie\n" if $cookie;
86 print "Location: /my_orders.cgi?id=$store->{id}\n\n";
87 return;
88 } else {
89 $err = 'login failed';
90 }
91 }
92
93 my $theme = $themes->by_id($store->{theme_id});
94 my $css_vars = $themes->css_vars($theme);
95
96 $db->db_disconnect($dbh);
97
98 require MODS::ShopCart::StoreChrome;
99 my $chrome_dbh = $db->db_connect();
100 my $chrome_html = MODS::ShopCart::StoreChrome->header_html({
101 store_id => $store->{id},
102 store_name => $store->{name} || $store->{subdomain},
103 is_buyer_in => 0,
104 cart_count => 0,
105 db => $db,
106 dbh => $chrome_dbh,
107 DB => $DB,
108 });
109 $db->db_disconnect($chrome_dbh);
110
111 my $tvars = {
112 theme_css_vars => $css_vars,
113 store_id => $store->{id},
114 store_name => _ba_h($store->{name} || $store->{subdomain}),
115 store_chrome_html => $chrome_html,
116 email_value => _ba_h($email_in),
117 has_error => $err ? 1 : 0,
118 error_message => _ba_h($err),
119 signup_href => "/buyer_signup.cgi?id=$store->{id}",
120 back_href => "/store.cgi?id=$store->{id}",
121 };
122
123 print "Content-Type: text/html; charset=utf-8\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\nPragma: no-cache\nExpires: 0\n\n";
124 print join('', $tfile->template('shopcart_buyer_login.html', $tvars, undef));
125 return;
126}
127
128#======================================================================
129# buyer_signup.cgi -- signup form + POST handler
130#======================================================================
131sub _ba_signup {
132 my $sid = $form->{id} || $form->{storefront_id} || 0;
133 $sid =~ s/[^0-9]//g;
134
135 my $dbh = $db->db_connect();
136
137 my $store;
138 if ($sid) {
139 $store = $db->db_readwrite($dbh,
140 qq~SELECT id, name, subdomain, theme_id FROM `${DB}`.storefronts WHERE id='$sid' LIMIT 1~,
141 $ENV{SCRIPT_NAME}, __LINE__);
142 }
143 unless ($store && $store->{id}) {
144 $db->db_disconnect($dbh);
145 print "Status: 302 Found\nLocation: /\n\n";
146 return;
147 }
148
149 my $err = '';
150 my $email_in = '';
151 my $name_in = '';
152
153 if (($ENV{REQUEST_METHOD} || '') eq 'POST') {
154 $email_in = $form->{email} || '';
155 $name_in = $form->{display_name} || '';
156 my $pw = $form->{password} || '';
157
158 my $result = $auth->signup($db, $dbh, $DB, $store->{id}, $email_in, $pw, $name_in);
159 if (ref($result) eq 'HASH' && $result->{error}) {
160 $err = $result->{error};
161 } else {
162 my ($buyer, $cookie) = $auth->login($db, $dbh, $DB, $store->{id}, $email_in, $pw);
163
164 if ($buyer && $buyer->{id}) {
165 my $track_token = '';
166 my $raw_cookie = $ENV{HTTP_COOKIE} || '';
167 if ($raw_cookie =~ /(?:^|;\s*)shopcart_track=([a-f0-9-]{36})/) {
168 $track_token = $1;
169 }
170 if ($track_token) {
171 require MODS::ShopCart::Tracking;
172 my $tr = MODS::ShopCart::Tracking->new;
173 $tr->link_session_to_buyer($db, $dbh, $DB, $track_token, $buyer->{id});
174 }
175
176 eval {
177 require MODS::ShopCart::BuyerCredits;
178 my $bc = MODS::ShopCart::BuyerCredits->new;
179 $bc->link_email_to_account($db, $dbh, $DB,
180 $store->{id}, $buyer->{id}, $email_in);
181 };
182 }
183
184 $db->db_disconnect($dbh);
185 print "Status: 302 Found\n";
186 print "Set-Cookie: $cookie\n" if $cookie;
187 print "Location: /my_orders.cgi?id=$store->{id}\n\n";
188 return;
189 }
190 }
191
192 my $theme = $themes->by_id($store->{theme_id});
193 my $css_vars = $themes->css_vars($theme);
194
195 $db->db_disconnect($dbh);
196
197 require MODS::ShopCart::StoreChrome;
198 my $chrome_dbh = $db->db_connect();
199 my $chrome_html = MODS::ShopCart::StoreChrome->header_html({
200 store_id => $store->{id},
201 store_name => $store->{name} || $store->{subdomain},
202 is_buyer_in => 0,
203 cart_count => 0,
204 db => $db,
205 dbh => $chrome_dbh,
206 DB => $DB,
207 });
208 $db->db_disconnect($chrome_dbh);
209
210 my $tvars = {
211 theme_css_vars => $css_vars,
212 store_id => $store->{id},
213 store_name => _ba_h($store->{name} || $store->{subdomain}),
214 store_chrome_html => $chrome_html,
215 email_value => _ba_h($email_in),
216 name_value => _ba_h($name_in),
217 has_error => $err ? 1 : 0,
218 error_message => _ba_h($err),
219 login_href => "/buyer_login.cgi?id=$store->{id}",
220 back_href => "/store.cgi?id=$store->{id}",
221 };
222
223 print "Content-Type: text/html; charset=utf-8\nCache-Control: no-store, no-cache, must-revalidate, max-age=0\nPragma: no-cache\nExpires: 0\n\n";
224 print join('', $tfile->template('shopcart_buyer_signup.html', $tvars, undef));
225 return;
226}
227
228#======================================================================
229# buyer_logout.cgi -- revoke session, clear cookie, 302 back
230#======================================================================
231sub _ba_logout {
232 my $sid = $form->{id} || $form->{storefront_id} || 0;
233 $sid =~ s/[^0-9]//g;
234
235 my $dbh = $db->db_connect();
236 my $buyer = $auth->verify($q, $db, $dbh, $DB);
237 my $cookie = $auth->logout($db, $dbh, $DB, $buyer ? $buyer->{session_id} : '');
238 $db->db_disconnect($dbh);
239
240 my $back = $sid ? "/store.cgi?id=$sid" : '/';
241 print "Status: 302 Found\n";
242 print "Set-Cookie: $cookie\n";
243 print "Location: $back\n\n";
244 return;
245}
246
247sub _ba_h {
248 my $s = shift;
249 $s //= '';
250 $s =~ s/&/&/g;
251 $s =~ s/</&lt;/g;
252 $s =~ s/>/&gt;/g;
253 $s =~ s/"/&quot;/g;
254 return $s;
255}
Keyboard: j next diff k previous diff g top G bottom r restore c compile-check ? help