PerlShop^TM Manual
(version 3.1)

(Print out a copy of this manual and use it to check off each step as you complete it, and make a backup copy of the perlshop script before making any changes)
(If there are any errors or omissions in this manual, please email: perlshop@mjourney.com)

Table of Contents:

1. Overview
2. Upgrading from a prior version
3. Installing the Script
4. Customizing the Script
   1. Server Customization
   2. Company Customization
5. Creating the Catalog Pages
   1. Catalog Page Format
   1. Entering the store
   2. Server Independence
   3. Built-in Navigation tags
   4. Custom Navigation tags
      1. Navigation using Forms
      2. Navigation using Links
   5. Single Item Selection Forms
   6. Multiple Item Selection forms
   7. Optional Tags
   8. Order of Html Tags
   2. Automating Catalog Page Creation
6. Appendix
   1. Security
      1. File Security
      2. Transaction Security
   2. Cookies
   3. Online Payment Methods
      1. First Virtual
      2. SecureOrder
   4. Debugging
   5. Output File Formats
      1. Customer File
      2. Order File
      3. Log Files
         1. Page Hits File
         2. Search Hits File
   6. Requirements

Overview

PerlShop is a shopping cart program that displays a catalog that is embedded in static html pages using hidden form field tags. You can use any design for your catalog pages, PerlShop will only add navigational menu bars and buttons when it displays the pages.

A unique order number is assigned to each user upon entering the store. The order number is used to keep track of the state of each user's transactions and is saved across each user's session using hidden fields. Cookies can be optionally enabled to let shoppers return later to finish an order.

PerlShop was designed from the beginning with security in mind. Please read the security section below to make sure you understand how to properly implement the security features before you start accepting orders.


Upgrading from a prior Version

If you are currently using PerlShop, there are only two things you need to be aware of when upgrading to verision 3.1

1. You must make all the changes in the Customizing the Script section below again.
2. The $shipping_type = 'none' option is only for items that will not be shipped, if you are currently using the 'included' option, continue to do so.
3. The "perlre.html" and "country.html" files distributed with the script must be placed in the $catalog_home directory.
4. The order of the Hidden Html tags on the catalog pages is now important. See the "Order of Hidden Tags" section below for more details.

Installing the Script

1. Locate your cgi directory (usually 'cgi-bin'), change to that directory, and create a subdirectory under it to hold the PerlShop script, e.g. 'mkdir MyStore'.
2. Change the permission on the directory by entering the command 'chmod 777 MyStore' from within the cgi-bin directory.
3. Copy the PerlShop.cgi script to the subdirectory created in step #1 above.
4. Find the location of the Perl Interpreter on the web server (usually /usr/bin/perl, or /usr/local/bin/perl), you can usually find it by entering 'where' perl' at the command prompt, if that doesn't work, try entering 'which perl' or 'whereis perl'. If you still have trouble finding it, ask your ISP where it is located.
5. Edit PerlShop.cgi and change the first line to point to the location of the Perl interpreter on the server found in step 4 above, (e.g. '#! /usr/bin/perl').
6. Make it executable by entering one of the following commands at the prompt:
   1. If using CgiWrap use: 'chmod 700 PerlShop.cgi'
   2. If not using CgiWrap use: 'chmod 755 PerlShop.cgi'
7. Test it out by entering 'PerlShop.cgi' at the command prompt, it should display a copyright notice.
8. Create the following subdirectories under the subdirectory you created in step #1 above:
   customers, orders, catalog, tokens, temp_customers, temp_orders, log. (e.g. /cgi-bin/MyStore/customers, /cgi-bin/MyStore/orders, etc.), and change their permissions with 'chmod 777 customers', etc.
   
   You can optionally put the catalog subdirectory somewhere under your main document directory (e.g. /public_html/MyStore/catalog, etc.). This will allow the search engines (such as altavista/excite/infoseek etc.) to find your catalog pages and index them so that people may easily find your site and products. (this is one advantage of a non-database based script!). If you do locate your pages this way, you need to change the value of the $catalog_directory variable to the exact location of the catalog directory on your server (on a unix system, you can get the correct value of the variable by changing to the catalog directory once you've created it, and issuing the "pwd" command. It should have a leading slash, but no trailing slash.
   
9. Create a subdirectory under your main document directory (usually this is the Public_Html, or the htdocs directory, not the cgi-bin directory!), that will contain contain any image files (gif, jpg) that are to be used by the PerlShop script, and copy the images there.
10. If you will be enabling the secure server option, make sure to follow completely the instructions under the Transaction Security section below
    

Customizing the Script

Server Customization
1. Change the variable '$use_cgiwrap' to 'yes' if running the script under cgiwrap, set it to 'no' otherwise.
2. Change the variable '$server_address' to the ip address (or the equivalent domain name, e.g. www.myserver.com) of the server the script will be running on.
3. If not using cgiwrap, change the variable '$cgi_directory' to the subdirectory of your cgi-bin directory which was created in step #1 under "Installing the Script". e.g. '/cgi-bin/MyStore'
4. If you are using cgiwrap, change the variable '$cgiwrap_directory' to the subdirectory of your cgi-bin directory which was created in step #1 under 'Installing the Script', using a format like '/cgi-sys/cgiwrap/username//MyStore' (see your ISP for the exact format).
5. Change the variable '$image_directory' to point to the subdirectory created above in step #10 under "Installing the Script" to hold image files (e.g. '/MyStore/Images')
6. Change the '$mail_via' variable to the type of email program you wish to use, either sendmail, blat, or the built-in 'sockets' email routine.
   1. If using 'sendmail', change the variable '$sendmail_loc' to point to the location of the sendmail program on the server (e.g. '/usr/sbin/sendmail')
   2. If using 'blat', change the variable '$blat_loc' to point to the location of the blat program (e.g. 'c:\\winnt35\\system32\\blat')
   3. If using the built-in 'sockets' routine, then set the value of the '$smtp_addr' variable to the ip address of your smtp mail server.
7. If you did not use the default subdirectory names as specified above in step #9 under "Installing the script", then you must modify the corresponding variables in the script to point to the subdirectories that you created.
   
Company Customization
1. If you wish to include an image at the top of the pages generated by PerlShop, you must change the values of the '$banner' variable, and the associated image attribute variables ($hspace, $vspace, $border, $height, $width, $width, $align). If you do not want to include an image, you must set the value of '$banner' to a null string (e.g. "").
2. If you wish to include a background image or change the background color of the generated pages, change the value of the '$background' and '$background_color' variables.
3. If you wish to use your own images instead of the standard html submit buttons, put the respective image file title(s) as the value of the $button_image variable(s), e.g. $button_image{'UPDATE'} = 'upd.gif';
4. Change the '$company_name' variable to the name of your own company.
5. Change the '$company_address' variable to the address of your own company, each address line must be separated by a '<br>' html tag.
6. Change the '$company_email' variable to the email address at your company that you will use for catalog related inquiries.
7. Change the '$mail_order_to' variable to the email address at your company that will receive the emailed order confirmations.
8. Change the '@accept_payment_by' variable to include the valid methods of payment that your company will accept. If you want to accept payment via First Virtual, you must enter 'First Virtual' as one of the options here, then follow the instructions in the Online Payment Methods: First Virtual section below.
9. If your company will accept credit card payments, then change the '@valid_credit_cards' variable to include the valid card types your company will accept.
10. If you want to use SecureOrder to provide immediate processing of credit card orders, then read completely and follow the instructions in the Online Payment Methods: SecureOrder section below, then set:
    $online_credit_verify = 'SecureOrder'
11. If your company will accept COD payments, then change the '$cod_charge' variable to the value of the amount that will be added to the order for COD shipments.
12. If your company adds a separate handling charge to each order, change the '$Handling' variable to the amount to be added.
13. Change the '$Pay_checks' variable to the name of the person or company that checks should be made out to if the order is being paid by check.
14. Change the text of the '$return_policy' variable to reflect your own company's return policy that will be included at the bottom of each order confirmation.
15. Change the '$catalog_country' variable to the name of the Country your catalog site is based in.
16. Change the '$accept_any_country' variable based on whether or not you will accept orders from a country that you have not explicitly listed in the '@Shipping_Rates' table. If you set this variable to 'yes', then you must have an 'OTHER' entry in the '@Shipping_Rates' table.
17. Change the text of the '$local_currency' and '$local_weight' variables as appropriate for the country your catalog site is based in.
18. If any of the Items in your catalog will use either the 'Item_weight' or 'Item_option' tags, then you must enter a value for the '$weight_caption' and/or '$item_caption' variables.
19. Change the '$shipping_type' variable to the method of calculating shipping that your company will use. If you are selling items that are not actually shipped, set the variable to 'none'.
20. Modify the '@Shipping_Rates' variable to reflect the shipping companies that your company uses, and the rates your company charges.
21. If your catalog will provide a discount based on the quantity ordered or the total price, then modify the '$discount_type' and '@Discount_Rates' variables appropriately.
22. Modify the '@Tax_States' variable to include any states for which your company must charge sales tax, and the rate charged.
23. If you want to allow the shopper to see their orders (i.e. what's in the shopping cart), without leaving the current page after pressing the 'ORDER' button, then you can make that the default mode by setting the '$stay_on_page' variable to 'yes'.
24. If you want to have the Credit Card # and expiration date included on the merchant's copy of the emailed order confirmation, set $carno_on_email = 'yes', but this can create a security risk, and you must read the security section below first before setting this variable to 'yes'.

Creating the Catalog Pages

1. Catalog Page Format
   Important Note: Every PerlShop html tag MUST be on a line by itself and the ITEM_CODE tag MUST be the last tag before the closing </FORM> tag.
   
   1. Entering the store:
      You must have a page with a submit button on it to enter the store. You can add the button to one of your existing pages, or you can create a new entry page. The Html for the form to create the button should have the following tags:
      
      1. <form METHOD=POST ACTION="http://www.yourdomain/shop/perlshop.cgi>
      2. <input TYPE=SUBMIT NAME=dummy value="ENTER">
      3. <input TYPE=HIDDEN NAME=ACTION value="Start Shopping">
      4. <input TYPE=HIDDEN NAME=thispage VALUE="page1.html">
      5. <input TYPE=HIDDEN NAME=ORDER_ID VALUE="!ORDERID!">
      6. </form>

   (NOTE: You can not use the !MYURL! option for the ACTION part of the <form...> tag here!)

   The text of the Submit button can be anything you like (change the text of the 'VALUE=' for the 'input TYPE=HIDDEN NAME=ACTION' tag), but the SUBMIT tag must have contain: VALUE="ENTER".

2. Server Independence
   Instead of using a hardcoded URL on your catalog pages, you can use the !MYURL! and !MYWWW! tags. If you ever move your catalog to another server or domain, you won't have to change all the references to your URL.
   1. !MYURL!
      Use this as the action for a POST or GET tag. For example:
      <form method=post action="!MYURL!">
      <a href="!MYURL!?action=thispage&thispage=page1.html&ORDER_ID=!ORDERID!">
   2. !MYWWW!
      Use this as the URL for non-cgi references (e.g. images). For example:
      <img src="!MYWWW!/images/logo.gif">
      
3. Built-in Navigation tags
   Each page of your catalog that you create can have a tag on the first line of the page that has links to the previous and next pages of the catalog. For example, the tag for the first line of page2 of the catalog would look like:
                     <!--PSTAG prevpage=page1.html nextpage=page3.html -->
   ( If page1.html was the first page, then on page1.html you would use page1.html as the prevpage. If the last page was page3.html, then on page3.html you would use page3.html as the nextpage).
   This tag is optional, and if not using it, you can set the $add_navigation variable to 'no'
   
4. Custom Navigation tags
   You can create a menu navigation system for your catalog by using either a submit button or <a href ...> link for each destination. These buttons or links can appear either on a menu page just after your Catalog Entry Page, or on any of your individual catalog item pages, or both.
   
   1. Using Forms
      Each submit button would have the format shown below (with 'NAME=none' for the SUBMIT tag), but with a different file title for the VALUE of the hidden 'NAME=thispage' tag. For example:
      
      <form METHOD=POST ACTION="!MYURL!">
      <input type=SUBMIT NAME=none VALUE="VCR'S">
      <input TYPE=HIDDEN NAME=thispage VALUE="page1.html">
      <input TYPE=HIDDEN NAME=ORDER_ID VALUE="!ORDERID!">
      </form>
      
      <form METHOD=POST ACTION="!MYURL!">
      <input type=SUBMIT NAME=none VALUE="CAMERA'S">
      <input TYPE=HIDDEN NAME=thispage VALUE="page2.html">
      <input TYPE=HIDDEN NAME=ORDER_ID VALUE="!ORDERID!">
      </form>
      
   2. Using Links
      Each <a href ...> tag would have the following format:
      <a href="!MYURL!?ACTION=thispage&thispage=page1.html&ORDER_ID=!ORDERID!">THISPAGE</a>
      
5. Single Item Selection Forms.
   (Click here to see the html source of the actual Single Item selection sample page as used in the demo store)
   In this format, each individual item for sale in the catalog is contained within it's own html <form>...</form> block. You can have both Single Item and Multiple Item selection forms in the same catalog, and even within the same page. A sample Single Item Selection Form follows with an explanation of each line below it:
   1. <FORM METHOD=POST ACTION="!MYURL!">
   2. <input type="submit" name=dummy value="Press to Order">
   3. <INPUT TYPE=HIDDEN NAME=ACTION VALUE="ORDER">
   4. <INPUT TYPE=HIDDEN NAME=ORDER_ID VALUE="!ORDERID!">
   5. <INPUT TYPE=HIDDEN NAME=ITEM_ID VALUE="12345">
   6. <INPUT TYPE=HIDDEN NAME=ITEM_NAME VALUE="Polish for Dummies">
   7. Polish For Dummies $212.98 <br>
   8. <INPUT TYPE=HIDDEN NAME=ITEM_PRICE VALUE="212.98">
   9. <INPUT TYPE=HIDDEN NAME=thispage value=page1.html>
   10. Qty:<INPUT TYPE=TEXT SIZE=3 MaxLength=3 NAME=QTY VALUE="1">
   11. This book is especially good for beginners. <br>
   12. <INPUT TYPE=HIDDEN NAME=ITEM_CODE value="!ITEMCODE!">
   13. </FORM>

   Description of each line above:

   1. This is the opening form tag with the location of the perlshop.cgi program on your server
   2. This creates a submit button on the catalog page with the text."Press to Order", you can use any text you want to create the button.
   3. This is a hidden field that tells the perlshop script to process the 'ORDER' action command.
   4. This is a hidden field that has a placeholder !ORDERID! that will be replaced automatically by the perlshop script with the actual unique invoice number for this shopping session.
   5. This is a hidden field whose value should be set to item number you have assigned for this catalog item. Each item number must be unique.
   6. This is a hidden field whose value should be set to the name of the item.
   7. This is the name of the item, and the price, as it will appear on the catalog page.
   8. This is a hidden field whose value should be set to the price of the item. The price should be in the format '999999.99' Commas and a leading dollar sign are optional. There is no limit on the actual price of the item.
   9. This is a hidden field whose value should be set to the actual file title of the page that this catalog item is located in.
   10. This is the Quantity field that will appear on the form whose value is the default number of items that will be ordered if a customer orders this item.
   11. This is some descriptive text you can add if the item name does not sufficiently describe the item being ordered.
   12. This is a hidden field that has a placeholder !ITEMCODE! that will be replaced automatically by the perlshop script with a unique digital signature generated for this catalog item and shopping session only
   13. This is the closing form tag.
       
6. Multiple Item Selection Forms
   (Click here to see the html source of the actual Multiple Item selection sample page as used in the demo store)
   This format allows for ordering multiple items with one press of the 'ORDER' sumission button. More than one item is contained within the same html <form>...</form> block. You can have both Multiple Item and Single Item selection forms in the same catalog, and even within the same page. A sample Multiple Item Selection form follows, note that there is only one of each of the 'form', 'submit', 'ORDER_ID', 'ITEM_CODE', and 'thispage' tags.
   
   <FORM METHOD=POST ACTION="!MYURL!">
   <INPUT TYPE=HIDDEN NAME=ITEM_ID VALUE="12348">
   <INPUT TYPE=HIDDEN NAME=ITEM_NAME VALUE="Polish in 623 Days"> Polish in 623 Days $15.98
   <INPUT TYPE=HIDDEN NAME=ITEM_PRICE VALUE="15.98">
   Qty:<INPUT TYPE=TEXT SIZE=3 MaxLength=3 NAME=QTY
   VALUE="0">
   Learn Polish at your own rate.
   
   <INPUT TYPE=HIDDEN NAME=ITEM_ID VALUE="12349">
   <INPUT TYPE=HIDDEN NAME=ITEM_NAME VALUE="Polish in 53 easy lessons">
   Polish in 53 easy lessons $31.98
   <INPUT TYPE=HIDDEN NAME=ITEM_PRICE VALUE="31.98">
   Qty:<INPUT TYPE=TEXT SIZE=3 MaxLength=3 NAME=QTY VALUE="0">
   Easy guide to learning Polish.
   
   <input type="submit" name=dummy value="Press to Order">
   <INPUT TYPE=HIDDEN NAME=ACTION VALUE="ORDER">
   <INPUT TYPE=HIDDEN NAME=ORDER_ID VALUE="!ORDERID!">
   <INPUT TYPE=HIDDEN NAME=thispage value=multi.html>
   <INPUT TYPE=HIDDEN NAME=ITEM_CODE value="!ITEMCODE!">
   </FORM>
7. Optional Tags
   You can include the standard Server-Side include tags (SSI tags) on your catalog pages, PerlShop will emulate the server and process the SSI tags itself. The variable $allow_ssi_cgi can be set to allow the use of the SSI cgi command to run cgi programs, but this creates a BIG security hole, and should not be enabled unless absolutely necessary AND you know what you are doing!
   
   The following html tags are optional:
   1. WEIGHT
      This 'type=hidden' tag can be used if you want to calculate the shipping charges based on weight. The value of the tag should be the shipping weight of the item. If you want to use this tag, you must change the value of the '$weight_caption' variable (eg. $weight_caption="Weight").
   2. TAXTYPE
      This 'type=hidden' tag can be used if some of the items that you sell are taxable, and some are not. The default is to add tax (if you have made an entry in the '@Tax_States' variable), but you can override it for individual items by using a <INPUT TYPE=HIDDEN NAME="ITEM_TAXTYPE"  VALUE="none"> tag.
   3. OPTIONx
      These tags can be used to specify any attributes of the items that you sell. For example, this tag can be used to specify the Color or Size, or any other descriptive attributes of your items. You can have up to three different OPTION tags. If you want to use this tag, you must change the value of the '$option1_caption' variable to the name of the option (e.g. $option1_caption = "Color"), and so on for each option.
      (You can let the user pick the value of the option by creating listboxes, radio buttons, or even through an input field.)
   4. StayOnPage
      By placing a tag within the <form>...</form> block, this tag can be used to override the value of the '$stay_on_page' variable in the script. For example, the following tag allows the user to change the default value from 'no' to 'yes' by selecting a checkbox:
      <input type=checkbox name="StayOnPage" value="YES">
      
8. Order of Html Tags
   The order of the Html Tags is Very Important!
   1. The 'ITEM_CODE' tag MUST be the very last tag just before the closing </form> tag.
   2. If any of the optional tags 'ITEM_WEIGHT', 'ITEM_TAXTYPE', or 'ITEM_OPTIONx' exist, then they MUST appear before both the 'ITEM_ID' and 'ITEM_PRICE' tags.
   3. Each Html Tag Should be on a line by itself.
      
      
• Automating Catalog Page Creation
  There are several programs currently available that will allow you to generate your catalog pages from an existing database. The programs usually read an html template file that you have created, replacing special tags with data from the database.
1. ShowBase(tm)
2. BackPage(tm)  Free (requires Microsoft Access 95 and Microsoft Windows 95)
3. 4W Publisher(tm)
   
   
• Appendix
  1. Security
     IMPORTANT NOTE: PerlShop as distributed includes several security features, but these must be augmented by external programs for real security. No guarantees or warranties of any kind regarding security are made, either using PerlShop alone or augmented by external programs. Since PerlShop is distributed as source code, it is possible someone could modify it to create holes in the security. One way to minimize this possibility is to record digital signatures, using MD5, SHA or PGP, of perlshop.cgi and check them occasionally.
     
     The $allow_ssi_cgi variable can be set to allow the use of the SSI "cgi" command to run cgi programs, but this creates a BIG security hole, and should not be enabled unless absolutely necessary AND you know what you are doing!
     
     1. File Security
        The files created by an internet server are normally created under the user 'nobody', this is not very secure since anyone else running a script under the default 'nobody' user would have access to those files.
        The only way to secure the PerlShop output files is to run it under your own userid. This can be done by using the program cgiwrap. When using cgiwrap, the script itself should have it's permissions set to 700 to prevent access from a non-cgiwrap URL.
        PerlShop will also set all output file permissions so that the files created are only accessible to your own userid.
        The output files should be created in subdirectories of your cgi-bin directory as specified in the Installing the Script section above, and not within your server's document directory tree, (but make sure that the server you are using is set up so that the files in your cgi-bin directory tree are not directly accessible as html document files from a browser.)
        The output files are not encrypted online, since (unless you use public-key encryption) anyone having access to them would obviously have access to the encryption key used within the program as well.
        The output files should be periodically removed from the Internet server as often as possible. If you don't remove them, you should at least encrypt them manually, making sure not to store the encryption key on the server. If transferring the files to your own computer, they should be encrypted first.
     2. Transaction Security
        PerlShop attempts to guarantee the integrity of each transaction by creating a digital signature of the data sent in each transaction, and sending the signature along with the data. On receipt of each transaction, the signature is re-computed and compared to the one received, if there were any alterations of the data, the two signatures would not compare, and the transaction is rejected.
        
        PerlShop has an option to put the Credit Card # and expiration date on the merchant's copy of the order confirmation email. This can severly compromise all of the other security precautions you might take, and should be used with caution. You should definately not use this option if you have also enabled the Secure Server option, since the shopper will then trust that his personal information will only be transmitted securely, If you break your customer's trust, you will not be in business very long.
        A future version of PerlShop will have an interface to PGP so that the email can be encrypted before sending it, until then, it is not reccomended to put the CC# on the email.
        
        The only way to ensure the security of each transmission is to use an encryption enabled browser/server combination.
        
        If you have access to a secure server, you can now give any shopper that has access to a secure browser the option of selecting a secure check-out form to enter their personal information, all of the other pages will go through the regular server, since there is a significant overhead going through a secure server. The shopper will still have an option to use the regular (non-secure) check-out form, since it is difficult, if not impossible, to initiate a secure transaction from behind some firewalls, giving only a secure check-out option would needlesly prevent some shoppers from using your site.
        
        To enable use of a secure server, set the $use_secure_server variable to 'yes', then enter the URL of the Secure Server (it MUST begin with https: rather than http:) into the $secure_server_address variable.
        
        (NOTE: Since the configuration of files and programs using a secure server can vary depending on the server and operating system, the following instructions may not apply to your setup, you'll need to verify them first with your ISP to determine the proper procedure for your specific situation.)
        
        Since every page generated from a secure server must originate from a under a directory defined as the secure root directory in the web server (e.g. public_ssl), you'll need to keep a second copy of every image used on your check-out page in a separate directory, and you'll need to keep a second copy of the perlshop.cgi script under a second cgi-bin directory.
        
        Make sure that the directory structure under your secure directory (e.g. public_ssl) is the same as under your non-secure root (e.g. public_html) For example: if your images are currently located under /public_html/mystore/images, then you should put a copy of each image file under /public_ssl/mystore/images; and if your perlshop.cgi script is under /public_html/cgi-bin/mystore, then you should put a copy of the script under /public_ssl/cgi-bin/mystore also.
        
        Since the URL to your secure image directory (i.e. the part after the $secure_server_address) may differ from that to your regular image directory, the $secure_image_directory variable is provided. For example, if your regular URL is http://www.yourdomain/shopimages, and your URL to the copies of the images under your secure server is: http://ssl.pair.com/user/mystore/images, then the $image_directory variable would be "/mystore/images", but the $secure_image_directory variable would have to be "/user/mystore/images".
        If the two URL's would be the same on your server, then make sure that the $secure_image_directory variable is set to the same value as the $image_directory variable.
        
        Since the second copy of the perlshop.cgi script that you put under the /public_ssl/cgi-bin/mystore directory needs to access the files that were created by the original copy of the script under the public_html directory, you need to create symbolic links to the original sub-directories. to do this, you need to get the full path info to the original directory, you can get it by changing to the original cgi-bin directory, then issuing the "pwd" command, the results might be something like: /usr/www/users/taussig/cgi-bin/mystore", then go back to the /public_ssl/cgi-bin/mystore directory and create the symbolic links by entering the command:
        "ln -s /usr/www/users/taussig/cgi-bin/mystore/tokens tokens"
        and so on for each of the subdirectories.
        
  2. Cookies:
     The script now has an option to use cookies to allow a shopper to order some items, leave your site, then return at a later date or time and immediately receive a message that they have an outstanding order, and be given the option of continuing to add new items to the existing order, or to start a new session with an empty "Cart".
     Since the cookie is stored on the shopper's computer, it will only let the shopper continue an order on the same computer that the original items were ordered on.
     In order to minimize shopper's security concerns, the only info. stored in the cookie is the unique-id assigned to the shopper's session.
     This option can be turned on or off by the $use_cookies variable, and the number of days before the cookie will expire and an existing order can no longer be reused can be set by the $cookie_expire_days variable.
     
  3. Online Payment Methods:
     You can now give your customers the ability to complete the ordering process by receiving verification that their payment has been accepted (or rejected) within moments of placing the order. In order to provide this feature, you must first apply to either First Virtual, or Versanet (SecureOrder) to be qualified as a merchant. To find out their current requirements and pricing, you must contact them directly. Modifying the PerlShop script to enable either payment option is very simple.
     
     1. First Virtual:
        To enable the First Virtual payment option, find the section of the script headed "First Virtual Configuration Section", comment out (i.e. put a pound sign (#) before the variable) the $fv_seller_pin and $fv_ips variables found under the "for Testing" section, and un-comment those same variables under the "for Production" section (i.e. remove the pound signs in front of the variables). Then enter the Seller Pin that First Virtual will assign to you as the value of the $fv_seller_pin variable in the "for Production" section.
        
     2. SecureOrder:
        To enable the SecureOrder payment option, first set $online_credit_verify = 'SecureOrder', then find the section of the script headed "SecureOrder Configuration Section", comment out (i.e. put a pound sign (#) before the variable) the two variables found under the "for Testing" section, and un-comment those same two variables under the "for Production" section (i.e. remove the pound signs in front of the variables). Then enter the Merchant-ID identifier that Versanet will assign to you as the value of the $SecureOrder_id variable.
        
  4. Debugging
     Please see the following references first, then if you still have problems, you can send email to: perlshop@mjourney.com
     1. Cgi Debugging
     2. The Idiot's Guide to Solving Perl CGI Problems
        
  5. Output File Formats
     1. Customer File
        A single record CSV (comma separated, quoted) file with the following fields:
        invoice#, ip address, date, time, title, first name, last name , company, street1, street2, city, state, zip, country, email, daytime phone, daytime extension, evening phone, evening extension, fax, Shiptype, Payby, Cardtype, Card#, Expire month, Expiration year, source, suggestions, sub_total, tax, shipping, grand_total, total_discount, cod_charge, handling.
     2. Order File
        A multiple record CSV (comma separated, quoted) file with the following fields: invoice#, item id#, item name, price, quantity. The following optional fields also appear: weight, taxtype, option1, option2, option3 (they will appear, but be blank if the option is not applicable).
     3. log Files
        1. Page Hits log file
           A multiple record CSV (comma separated, quoted) file of every catalog page that has been accessed, with the following fields:
           Page title, date, ip address.
        2. Search Hits log file
           A multiple record CSV (comma separated, quoted) file of each Search pattern that has been entered on the Search screen, whether the search was successful or not, with the following fields:
           Search String, # of matches, date, ip address.
           
  6. Requirements:
     PerlShop has currently been tested using Perl5 under Unix running the Apache server, and under Windows running the WebSite server.

 Last Update: Mar 29, 1997                                                                                      Copyright ©1997, ARPAnet Corp. 

PerlShop, Adverware, and the PerlShop logo are trademarks of ARPAnet Corp.
All other trademarks are the property of their respective owners.