1 # ===================================================================== 2 # cartCheckout.awk: RPC I/O function for rpclib/cartCheckout. 3 # 4 # Copyright (c) 2007,2008,2009,2010 Carlo Strozzi 5 # 6 # This program is free software; you can redistribute it and/or modify 7 # it under the terms of the GNU General Public License as published by 8 # the Free Software Foundation; version 2 dated June, 1991. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 # GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 # 19 # ===================================================================== 20 21 # ===================================================================== 22 # void _userproc(int mode) 23 # 24 # Note: this function uses setStatic() instead of _rcset() for many 25 # of the values that are to be passed to the underlying rc(1) script. 26 # This is to support the deferral of actual order creation until the 27 # payment gateway returns a positive acknowledge to the shopping site 28 # (this is not the case, or not the default behaviour, with some of 29 # those gateways, notably PayPal). 30 # ===================================================================== 31 32 function _userproc(mode, value,len,a,i,tmp) { 33 34 if (mode == _O_REQUEST) { # request. 35 36 nodestem() 37 38 # target group 39 value = _request("1",1) 40 41 # group must not be null and it may not contain the 42 # unescaped ``.'' character. 43 44 if (value != _NULL && value !~ /\./) { 45 setStatic("cgi.group",unixify(value)) 46 setStatic("cgi.group.literal",value) 47 } 48 49 # See http://www.ietf.org/rfc/rfc3106 for ECom Field Names. 50 51 # Ship-To Full Name. 52 value = _request("Ecom_ShipTo_Postal_Company",1) 53 gsub(/[\t\r\n<>,]+/," ",value) 54 if (value ~ /[a-zA-Z]/) 55 setStatic("cgi.ord.fullname", _strip(value,_O_MIDDLE)) 56 57 # Optional Ship-To Full Common-Name, Name Suffix 58 # or other local qualifier. 59 value = _request("Ecom_ShipTo_Postal_Name_Suffix",1) 60 gsub(/[\t\r\n<>,]+/," ",value) 61 if (value ~ /[a-zA-Z]/) 62 setStatic("cgi.ord.nick", _strip(value,_O_MIDDLE)) 63 64 # Ship-To Street Address (only one address line is used). 65 value = _request("Ecom_ShipTo_Postal_Street_Line1",1) 66 gsub(/[\t\r\n<>,]+/," ",value) 67 if (value ~ /[a-zA-Z]/) 68 setStatic("cgi.ord.addr", _strip(value,_O_MIDDLE)) 69 70 # Ship-To City/Town. 71 value = _request("Ecom_ShipTo_Postal_City",1) 72 gsub(/[\t\r\n<>,]+/," ",value) 73 if (value ~ /[a-zA-Z]/) 74 setStatic("cgi.ord.town", _strip(value,_O_MIDDLE)) 75 76 # Ship-To State/Province. 77 value = _request("Ecom_ShipTo_Postal_StateProv",1) 78 gsub(/[\t\r\n<>,]+/," ",value) 79 if (value ~ /[a-zA-Z]/) 80 setStatic("cgi.ord.state", _strip(value,_O_MIDDLE)) 81 82 # Ship-To ZIP Code. It may be alphanumeric and longer 83 # than 5 characters for some countries, so no special 84 # checks will be done here. 85 86 value = _request("Ecom_ShipTo_Postal_PostalCode",1) 87 gsub(/[\t\r\n<>,]+/," ",value) 88 if (value ~ /[a-zA-Z0-9]/) 89 setStatic("cgi.ord.zip", _strip(value,_O_MIDDLE)) 90 91 # Ship-To Country. I want to accept both 2-letter ISO 92 # country codes and free-form country names, so I perform 93 # only a minimal test. 94 value = _request("Ecom_ShipTo_Postal_CountryCode",1) 95 gsub(/[\t\r\n<>,]+/," ",value) 96 if (value ~ /[a-zA-Z]/) 97 setStatic("cgi.ord.ctry", _strip(value,_O_MIDDLE)) 98 99 # Contact E-Mail. 100 value = _strip(_request("Ecom_ShipTo_Online_Email",1)) 101 len = length(value) 102 if (_isemail(value) != _EINVAL && len > 4 && len < 51) 103 setStatic("cgi.ord.email",value) 104 105 # Mandatory Contact Phone No. 106 value = _request("Ecom_ShipTo_Telecom_Phone_Number",1) 107 if (gsub(/[^+\/()0-9]/,_NULL,value)) { 108 if (value !~ /[^+\/()0-9]/) setStatic("cgi.ord.phone","-") 109 } 110 if (value != _NULL) setStatic("cgi.ord.phone",value) 111 112 # Shipping Method, in the form of "type[:description]". 113 value = _request("Ecom_ShipTo_Local1",1) 114 gsub(/[\t\r\n<>,]+/," ",value) 115 value = _strip(value,_O_MIDDLE) 116 sub(/ *: */,":",value) 117 tmp = substr(value,1,1)/1 118 if (tmp > 0 && tmp < 10) setStatic("cgi.ord.ship",tmp) 119 setStatic("cgi.ord.ship.descr",substr(value,3)) 120 121 # Payment Discount Code, if available. 122 value = _request("Ecom_Payment_Local1",1) 123 gsub(/[\t\r\n<>,]+/," ",value) 124 # Sanitize value a bit, just in case. 125 value = substr(_strip(value,_O_MIDDLE),1,32) 126 gsub(/[^-a-zA-Z0-9]/,_NULL,value) 127 sub(/^-+/,_NULL,value) 128 if (value != _NULL) setStatic("cgi.ord.pay.credit",value) 129 130 # Bill-To Company/Organization Name. 131 value = _request("Ecom_BillTo_Postal_Company",1) 132 gsub(/[\t\r\n<>,]+/," ",value) 133 if (value ~ /[a-zA-Z]/) 134 setStatic("cgi.ord.iorg", _strip(value,_O_MIDDLE)) 135 136 # Bill-To Company/Organization Name Suffix, used mainly for 137 # VAT/Fiscal Code data, short of a better ECom field name. 138 # I done this for simmetry with Ecom_ShipTo_Postal_Name_Suffix . 139 value = _request("Ecom_BillTo_Postal_Name_Suffix",1) 140 gsub(/[\t\r\n<>,]+/," ",value) 141 if (value ~ /[a-zA-Z0-9]/) 142 setStatic("cgi.ord.vat", _strip(value,_O_MIDDLE)) 143 144 # Bill-To Street Address (only one address line is used). 145 value = _request("Ecom_BillTo_Postal_Street_Line1",1) 146 gsub(/[\t\r\n<>,]+/," ",value) 147 if (value ~ /[a-zA-Z]/) 148 setStatic("cgi.ord.iaddr", _strip(value,_O_MIDDLE)) 149 150 # Bill-To City/Town. 151 value = _request("Ecom_BillTo_Postal_City",1) 152 gsub(/[\t\r\n<>,]+/," ",value) 153 if (value ~ /[a-zA-Z]/) 154 setStatic("cgi.ord.itown", _strip(value,_O_MIDDLE)) 155 156 # Bill-To State/Province. 157 value = _request("Ecom_BillTo_Postal_StateProv",1) 158 gsub(/[\t\r\n<>,]+/," ",value) 159 if (value ~ /[a-zA-Z]/) 160 setStatic("cgi.ord.istate", _strip(value,_O_MIDDLE)) 161 162 # Bill-To ZIP Code. It may be alphanumeric and longer 163 # than 5 characters for some countries, so no special 164 # checks will be done here. 165 166 value = _request("Ecom_BillTo_Postal_PostalCode",1) 167 gsub(/[\t\r\n<>,]+/," ",value) 168 if (value ~ /[a-zA-Z0-9]/) 169 setStatic("cgi.ord.izip", _strip(value,_O_MIDDLE)) 170 171 # Bill-To Country. I want to accept both 2-letter ISO 172 # country codes and free-form country names, so I perform 173 # only a minimal test. 174 value = _request("Ecom_BillTo_Postal_CountryCode",1) 175 gsub(/[\t\r\n<>,]+/," ",value) 176 if (value ~ /[a-zA-Z]/) 177 setStatic("cgi.ord.ictry", _strip(value,_O_MIDDLE)) 178 179 # Optional special S&H instructions. Max size for 180 # this field is currently hard-coded to 256 chars. 181 value = substr(_strip(_request("notes",1)),1,256) 182 if (value ~ /[a-zA-Z]/ && _rcget("CSA_SESSION",19) ~ /^tag:/) { 183 sub(/[\r\n]+$/,_NULL,value) 184 printf("%s\n",value) > ENVIRON["TMPDIR"] \ 185 "/" _rcget("CSA_SESSION",19) "-txt" 186 } 187 188 # Acceptance of privacy policy. 189 value = _strip(_request("privacy",1)) 190 if (_bool(value) == _TRUE) setStatic("cgi.privacy","y") 191 192 # Acceptance of sale's T&C. 193 value = _strip(_request("terms",1)) 194 if (_bool(value) == _TRUE) setStatic("cgi.terms","y") 195 196 # Mandatory captcha code. Ignored with callbacks from payment, 197 # gateways, so no need to save it with setStatic(). 198 if ((value=_request("captcha",1)) != _NULL) { 199 gsub(/[\t\r\n<>]+/," ",value) 200 value = substr(_strip(value,_O_MIDDLE),1,32) 201 _rcset("cgi.captcha",value) 202 } 203 204 # The following test is necessary since the address could, 205 # at least in theory, have been set to any string by the 206 # remote user, due to how it is handled to cope with stunnel(8) 207 # and the lack of transproxy support in kernel 2.4.x. 208 209 if (_isipaddr(ENVIRON["REMOTE_ADDR"]) == _TRUE) 210 value = ENVIRON["REMOTE_ADDR"] 211 else value = "0.0.0.0" 212 213 _rcset("REMOTE_ADDR",value) 214 } 215 } 216 217 # EOF