#!/usr/bin/perl
use strict;
use CGI qw/:standard :html3 *table/;
use DBI;
require "functions.pl";
# Package globals. Nothing in this file assigns them, so they are presumably
# populated by functions.pl (required above) -- confirm.
#   $dbh                        database handle every prepare() below goes through
#   $ownerdesc, $owneremail     display name / address used in the mail headers
#   $sendmail                   command the notification mails are piped to
#   @states, @cards, $url_base  not referenced in the visible part of this file
our ($dbh,@states,@cards,$owneremail,$ownerdesc,$url_base,$sendmail);
# File-scoped scratch variables for handling the request.
my ($i,$j,$username,$action,$rndstr,$id,$prn);
# Names reserved for the statement handle, the execute() result and SQL text.
my ($sth,$rc,$query);
# Lexicals named after the billing form fields of the 'Validate' action
# (card holder name parts, cc1/cc2 which together appear to hold the card
# number, card type, expiry, statement address, phone, verification code).
my ($ch_surname,$ch_middle,$ch_name,$cc1,$cc2,$cc_type,$expire_mon,$expire_year,$address,$city,$zip,$state,$tel,$cvvs);
# @buff receives the row fetched from basic_auth; @content the lines of a
# text template.
my (@buff,@content);
# Broken-down local time; only $year is used in the visible code.
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst);
# # # # # # # # # # # # # # # # # # #
# Starting the job.
# # # # # # # # # # # # # # # # # # #
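# Request handler for the two-step account validation:
#   action=go        check the username/random_string pair from the mailed
#                    link and show the billing form;
#   action=Validate  check the posted billing form, store it, mark the
#                    account validated and send the notification mails.
# Any other action is rejected.
#
# Every request value reaches the database through bound placeholders. The
# earlier string-built statements were injectable, and quotemeta() is a regex
# escape, not an SQL quoting function.
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time);
$year += 1900;    # localtime() counts years from 1900

# First value of a CGI parameter, or "" when it is missing or false (so a
# literal "0" is still treated as empty, as it always was here).
my $read_param = sub {
    my ($name) = @_;
    my $value = param($name);
    return $value ? $value : "";
};

# Prepare and execute one statement with bound values and return its handle.
# On failure this reports the error, releases the connection and exits with
# status 1.
# NOTE(review): $DBI::errstr is handed to print_error(), which is defined
# outside this file; if it is shown to the visitor it discloses schema
# details, so it should go to the server log instead.
my $run_query = sub {
    my ($sql, @bind) = @_;
    my $handle = $dbh->prepare($sql);
    if (!$handle) {
        print_error("[DBI]: Prepare Error Occured!",$DBI::errstr);
        db_disconnect();
        exit(1);
    }
    if (!$handle->execute(@bind)) {
        print_error("[DBI]: Execute Error Occured!",$DBI::errstr);
        $handle->finish();
        db_disconnect();
        exit(1);
    }
    return $handle;
};

# Release the current statement and the connection, then exit with $status.
my $bail = sub {
    my ($status) = @_;
    $sth->finish();
    db_disconnect();
    exit($status);
};

# Lines of a text template; an unreadable file is logged and yields no lines
# instead of aborting a request whose database work is already done.
my $read_template = sub {
    my ($path) = @_;
    open(my $fh, '<', $path)
        or do { warn "cannot open template $path: $!"; return; };
    my @lines = <$fh>;
    close($fh);
    return @lines;
};

# Replace the var_* markers of one template line in a single pass, so text
# that arrives through a value is never scanned for markers again.
my $fill_template = sub {
    my ($line, $value_of) = @_;
    $line =~ s/var_(salutation|firstname|middle|lastname|prn)/$value_of->{$1}/g;
    return $line;
};

# Drop CR/LF from a value that is written into a mail header line, so stored
# account data cannot add header lines of its own.
my $header_value = sub {
    my ($value) = @_;
    $value = '' unless defined $value;
    $value =~ tr/\r\n//d;
    return $value;
};

# Read basic param
$action = $read_param->('action');

if ($action eq "go") {
    # Both values from the mailed link are required.
    $username = $read_param->('username');
    $rndstr   = $read_param->('rndstr');
    if ($rndstr eq "" || $username eq "") {
        print_error('Invalid arguments. No action will be taken');
        exit(13);
    }

    # Look the account up by the username / random string pair.
    db_connect();
    $sth = $run_query->(
        "SELECT id,salutation,surname,middle,name,validated FROM basic_auth WHERE username=? AND random_string=?",
        $username, $rndstr
    );
    @buff = $sth->fetchrow_array;
    # defined(@array) is a fatal error on current perls; an empty list is
    # what "no row" looks like.
    if (!@buff || $buff[0] eq "") {
        print_error("Your authentication data don't match. Maybe u didn't copy&paste well the link we provided you");
        $bail->(113);
    }
    if ($buff[5] eq "Y") {
        print_error('This account was already validated!');
        $bail->(113);
    }

    # NOTE(review): the title is built from stored account data; whether
    # print_header() HTML-escapes it cannot be seen from this file.
    print_header("Welcome $buff[1] $buff[2] $buff[3]. $buff[4] - BizInc USA");
    # Empty billing form: id, rndstr, fourteen blank fields, then the name.
    print_step_two($buff[0],$rndstr,('') x 14,@buff[1..4]);
    print_footer();
    $sth->finish();
    db_disconnect();
}
elsif ($action eq "Validate") {
    # Billing fields, in the order print_step_two() and the INSERT expect.
    my @billing_fields = qw(
        ch_surname ch_middle ch_name cc1 cc2 cc_type
        expire_mon expire_year address city zip state tel cvvs
    );
    $id     = $read_param->('id');
    $rndstr = $read_param->('rndstr');
    my %form = map { $_ => $read_param->($_) } @billing_fields;

    if ($id eq "" || $rndstr eq "") {
        print_error("One of the basic arguments are missing!");
        exit(110);
    }

    # Re-authenticate the request against the stored random string.
    # NOTE(review): unlike the 'go' branch this lookup does not read the
    # validated column, so a link that was already used is accepted again
    # and a further payment_info row is inserted -- confirm the intent.
    db_connect();
    $sth = $run_query->(
        "SELECT id,salutation,surname,middle,name,email,username FROM basic_auth WHERE id=? AND random_string=?",
        $id, $rndstr
    );
    @buff = $sth->fetchrow_array;
    if (!@buff || $buff[0] eq "") {
        print_error("Your authentication data is invalid!");
        $bail->(113);
    }

    # Required fields, checked in this order. When any field of a group is
    # empty the form is shown again with the whole group blanked, followed by
    # the group's message.
    my @required = (
        [ [qw(ch_surname)],             "\nPlease enter card holder first name.\n" ],
        [ [qw(ch_middle)],              "Please enter card holder middle initial.\n" ],
        [ [qw(ch_name)],                "Please enter card holder last name.\n" ],
        [ [qw(cc1 cc2)],                "Please enter credit card number.\n" ],
        [ [qw(cc_type)],                "Please select credit card type.\n" ],
        [ [qw(expire_mon expire_year)], "Please select credit card expiration date.\n" ],
        [ [qw(address)],                "Please enter statement address.\n" ],
        [ [qw(city)],                   "Please enter statement city.\n" ],
        [ [qw(zip)],                    "Please enter statement zip.\n" ],
        [ [qw(state)],                  "Please select statement state.\n" ],
        [ [qw(tel)],                    "Please enter card holder tel#.\n" ],
        [ [qw(cvvs)],                   "Please enter CVVS code.\n" ],
    );
    for my $rule (@required) {
        my ($group, $message) = @$rule;
        next unless grep { $form{$_} eq "" } @$group;
        my %shown = %form;
        @shown{@$group} = ('') x @$group;
        print_header("BizInc USA - Account validation error.");
        print_step_two($id,$rndstr,@shown{@billing_fields},@buff[1..4]);
        print $message;
        print_footer();
        $bail->(1);
    }

    # From here on use the id as the database returned it, not the raw
    # request value that merely compared equal to it.
    my $account_id = $buff[0];

    # Store the billing data.
    # NOTE(review): this keeps the full card number and the card verification
    # code in clear text. PCI DSS does not allow the verification code to be
    # stored after authorization and requires the card number to be protected
    # at rest; the schema lives outside this file, so only the statement
    # itself is hardened here.
    $sth = $run_query->(
        "INSERT INTO payment_info (id,surname,middle,name,cc1,cc2,cc_type,
expire_mon,expire_year,address,city,zip,state,tel,cvvs)
VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)",
        $account_id, @form{@billing_fields}
    );

    # Mark the account validated and record its PRN.
    $prn = "PRN".$year.$account_id;
    $sth = $run_query->(
        "UPDATE basic_auth SET validated='Y',prn=? WHERE id=?",
        $prn, $account_id
    );
    $sth->finish();
    db_disconnect();

    # Values for the var_* template markers: raw for the plain-text mail,
    # HTML-escaped for the page shown in the browser.
    my %mail_value = (
        salutation => $buff[1],
        firstname  => $buff[2],
        middle     => $buff[3],
        lastname   => $buff[4],
        prn        => $prn,
    );
    my %html_value;
    for my $marker (keys %mail_value) {
        my $raw = defined $mail_value{$marker} ? $mail_value{$marker} : '';
        $html_value{$marker} = scalar escapeHTML($raw);
    }

    ##### Send Email to the site ADMIN
    # Mail is best effort: the account is already validated, so a failing
    # sendmail is logged rather than turned into an error page.
    if (open(my $mail, '|-', $sendmail)) {
        print {$mail} "From: $ownerdesc <$owneremail>\n";
        print {$mail} "To: $ownerdesc <$owneremail> \n";
        print {$mail} "Subject: [BizIncUSA] New user signup!\n\n";
        print {$mail} "\t$buff[1] $buff[2] $buff[3]. $buff[4] (username=$buff[6]) step 2 completed!\n";
        close($mail);
    }
    else {
        warn "cannot start sendmail for the admin notice: $!";
    }

    ### Send email to the user
    @content = $read_template->("text/step200.txt");
    if (open(my $mail, '|-', $sendmail)) {
        # The recipient line is built from stored account data (presumably
        # supplied at signup), hence the CR/LF stripping.
        my ($to_first,$to_middle,$to_last,$to_email) =
            map { $header_value->($_) } @buff[2..5];
        print {$mail} "From: $ownerdesc <$owneremail>\n";
        print {$mail} "To: $to_first $to_middle. $to_last <$to_email>\n";
        print {$mail} "Subject: [BizIncUSA] Account validation completed.\n\n";
        for my $line (@content) {
            print {$mail} $fill_template->($line, \%mail_value);
        }
        close($mail);
    }
    else {
        warn "cannot start sendmail for the user notice: $!";
    }

    #### Print output to the user.
    @content = $read_template->("text/step201.txt");
    print_header('BizInc USA - Validation Completed');
    print<<"HTML";
HTML
    for my $line (@content) {
        print $fill_template->($line, \%html_value), "\n";
    }
    print<<"HTML";
Click here to get to the main page.
|
HTML
    print_footer();
}
else {
    print_error("Unknown action type!");
    exit(110);
}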
# Local Subroutines
sub print_step_two{
    # Writes the step-two (billing details) form to the selected output handle.
    #
    # Callers pass twenty positional values, in the order unpacked below:
    # the account id and random string, the fourteen billing fields, then the
    # account holder's salutation and name parts.
    #
    # The heredoc is empty in this copy of the file, so the sub prints
    # nothing; the form markup appears to have been lost.
    # NOTE(review): most of these values come straight from the request, so
    # any markup restored here should HTML-escape them before output.
    my ($id, $rndstr,
        $ch_surname, $ch_middle, $ch_name,
        $cc1, $cc2, $cc_type, $expire_mon, $expire_year,
        $address, $city, $zip, $state, $tel, $cvvs,
        $salutation, $surname, $middle, $name) = @_;
    print <<"HTML";
HTML
}