#!/usr/bin/perl -wT
use CGI qw(:standard);
use CGI::Carp qw(warningsToBrowser fatalsToBrowser);
use lib '.';
use Shopcart;
use strict;

# if the pressed the "Check Out" button, redirect to the checkout
# script instead
if (param('cartact') eq "Check Out") {
   print redirect("http://www.cgi101.com/book/ch17/order.cgi");
   exit;
}

print header;
print start_html("Update Cart");

my $cookie_id = &validate_cookie;

# prepare three statement handles - one to select data from the cart,
# a second to update a record in the cart with quantity changes,
# and a third to delete a record from the cart (if qty==0).

my $sth = $dbh->prepare("select * from shopcart where cookie=? and item_number=?") or &dbdie;
my $sth2 = $dbh->prepare("update shopcart set qty=? where cookie=? and item_number=?") or &dbdie;
my $sth3 = $dbh->prepare("delete from shopcart where cookie=? and item_number=?") or &dbdie;

foreach my $p (param()) {
   # first, be sure it's a NUMBER. if not, skip it.
   if ($p =~ /^item_.*/ and param($p) =~ /\D/) {
      print "error, `",param($p),"' isn't a number.<br>\n";
      next;
   }
   my $item = $p;
   $item =~ s/item_//;
   $sth->execute($cookie_id, $item) or &dbdie;
   if ($sth->fetchrow_hashref) {
      if (param($p) > 0) {
         $sth2->execute(param($p), $cookie_id, $item) or &dbdie;
      } else {
         $sth3->execute($cookie_id, $item) or &dbdie;
      }
   }
}

# Display the shopping cart

&display_shopcart($cookie_id);
print end_html;