WebStore 400CS Shopping Cart - RDC Software - Configure Global Setup File

Previous | Next Main Index: Frames | No Frames Document: Frames | No Frames

Configure Global Setup File

The global setup file, /Web_store/ws_global.setup, contains variables used by all scripts in the WebStore application.

Script specific variables are located in the following files for the listed script:

Script Name Setup File Variable Document ws400CS.cgi /Databases/outlet.setup /Docs/outlet.setup.html ws_banner.cgi /Databases/ws_banner.setup /Docs/ws_banner.setup.html ws_editor.cgi /Databases/outlet_editor.setup /Docs/outlet_editor.setup.html ws_mail.cgi /Databases/ws_mail.setup /Docs/ws_mail.setup.html

If your domain has a specific directory configured for perl scripts, such as cgi-bin, place ws_global.setup and all perl scripts (.cgi files) in the cgi-bin directory.

If you can execute perl scripts from any directory in your domain, ws_global.setup and the perl scripts may be left in the /Web_store directory or placed in any directory of your choosing.

The /Web_store directory and it's sub-directories must be placed in a directory which can parse HTML files and output graphic files to the http daemon. The directory accessed with the URL http://www.YourDomain.xxx or any directory under this directory is the correct location for the /Web_store directory structure.

Perl scripts can not be placed in any directory assigned to MS Frontpage.

General Settings

Script Name	Setup File	Variable Document
ws400CS.cgi	/Databases/outlet.setup	/Docs/outlet.setup.html
ws_banner.cgi	/Databases/ws_banner.setup	/Docs/ws_banner.setup.html
ws_editor.cgi	/Databases/outlet_editor.setup	/Docs/outlet_editor.setup.html
ws_mail.cgi	/Databases/ws_mail.setup	/Docs/ws_mail.setup.html

use lib = '/Path/To/Perl/Modules'

$nslookup

$sendmail

$pgp

$basedir

$use_ssl

$main_script_url | $ssl_url

$graphics_url | $ssl_graphics_url

$timezone

$delete_age

$no_cache

%global_files

$dns_lookup

$company_email | $admin_email

$pgp_user_id

$save_orders

$background | $bgcolor - $alink_color

Font Control

$data_font | $data_face

$header_font | $header_face

Demonstration Mode

$demo

Addressing WebStore Sub-directories

Top of Page

General Settings

use lib = '/Path/To/Perl/Modules';

If applicable, inform Perl where user installed Perl modules are located.

The following Perl modules and openssl are used by WebStore for real-time payment processing: Package/File Download URL for latest version ------------ ------------------------------- Digest::MD5 http://www.perl.com/cgi-bin/cpan_mod?module=Digest::MD5 Net::SSLeay http://www.perl.com/cgi-bin/cpan_mod?module=Net::SSLeay OpenSSL http://www.openssl.org/source

Digest::MD5 is used for checksum verification with Authorize.Net processing.

Net::SSLeay and OpenSSL are used for connecting to real-time payment processors using SSL.

Index

$nslookup = '/usr/bin/nslookup';

$nslookup is the UNIX path to your server's nslookup program.

If mis-configured, all scripts attempt to locate nslookup. If nslookup is not located, all scripts use gethostbyname. No error message is generated.

Index

$sendmail = '/usr/bin/sendmail';

$sendmail is the UNIX path to your server's sendmail program.

If mis-configured, all scripts generate a System Files not Found message. Checks for $nslookup and $pgp are included in the error message.

Index

$pgp = '/usr/local/bin/pgp';

$pgp is the UNIX path to your system's PGP program.

If the path defined in $pgp does not point to your server's PGP program, all scripts generate a System Files not Found message.

If your server does not provide PGP, set $pgp = ''.

Setting $pgp = '' disables PGP encryption of administrative order e-mail messages in WebStore.

Index

$basedir = '/Path/To/Web_store';

$basedir is the absolute UNIX path to the /Web_store directory.

The /Web_store directory and all sub-directories must be placed in a directory which can parse HTML files and output graphic files to the http daemon.

Index

$use_ssl = '1';

0    SSL is disabled. WebStore uses $main_script_url for all clients going to the order form. 1    Clients are taken directly to the order form with SSL enabled. If using frames, WebStore remains in frames. WebStore will switch the value of $use_ssl from 1 to 2 for those browsers which may not be capable of SSL transmissions. 2    Clients are given a form to select the use of SSL. If using frames, WebStore remains in frames. 3    Clients are given a form to select the use of SSL. Buttons in this form TARGET="_top" and exit frames. Leaving the insecure frameset document permits MSIE and Netscape to close their padlock.

When $use_ssl equals 1 or 2, WebStore prints one the following browser-dependent lines of text in the main frame below the cart contents table, indicating to the client the main frame is secure:

0		SSL is disabled. WebStore uses $main_script_url for all clients going to the order form.

1		Clients are taken directly to the order form with SSL enabled. If using frames, WebStore remains in frames. WebStore will switch the value of $use_ssl from 1 to 2 for those browsers which may not be capable of SSL transmissions.

2		Clients are given a form to select the use of SSL. If using frames, WebStore remains in frames.

3		Clients are given a form to select the use of SSL. Buttons in this form TARGET="_top" and exit frames. Leaving the insecure frameset document permits MSIE and Netscape to close their padlock.

Secure Frame

Security image defaults to

, security.Netscape.gif, for browsers other than MSIE or Netscape.

Removing security.MSIE.gif and security.Netscape.gif from the Graphics sub-directory prevents this line from printing.

When using SSL, WebStore substitutes $ssl_url into $main_script_url when clients go to the order form.

Index

$main_script_url = 'http://www.YourDomain.xxx/Web_store';

$main_script_url is the absolute URL (Uniform Resource Locator) of ws400CS.cgi, the main script. $main_script_url is used for all script processes while clients are browsing your WebStore.

$main_script_url is also used for the script's process when going to the order form and will be substituted into the order form's <FORM ACTION> for those browsers not capable of SSL transmissions, if you are using SSL ($use_ssl = 1-3).

When $use_ssl = 0, all web browsers use $main_script_url when going to the order form.

Each script adds /script_name.cgi to $main_script_url.

Index

$ssl_url = 'https://www.YourDomain.xxx/Web_store';

$ssl_url is the secure, absolute URL (Uniform Resource Locator) of ws400CS.cgi.

$ssl_url is used for the script's process when going to the order form and will be substituted into the order form's <FORM ACTION> for those browsers capable of SSL transmissions, if you are using SSL ($use_ssl = 1-3).

When $use_ssl = 0, $ssl_url is never used. All web browsers use $main_script_url for all script processes.

Each script adds /script_name.cgi to $ssl_url.

Index

$graphics_url = 'http://www.YourDomain.xxx/Web_store/Graphics';

$graphics_url points to the Graphics sub-directory.

$graphics_url may use relative or absolute addressing. Relative addressing is relative to the location of the WebStore script.

If the client's web browser is not capable of SSL transmissions, $graphics_url will be used to construct the URL necessary to load the graphic files used on the Confirmation of Order page which underline credit card fields.

If you use $graphics_url to reference images in the reseller's secondary form file, defined in $reseller_file in outlet.setup, $graphics_url must be absolute. <IMG SRC> tags present in cut and paste HTML code sent to resellers in e-mail messages referencing images on your server must use absolute addressing.

Index

$ssl_graphics_url = 'https://www.YourDomain.xxx/Web_store/Graphics';

$ssl_graphics_url is the secure, absolute URL (Uniform Resource Locator) for the Graphics sub-directory.

$ssl_graphics_url is used to construct the URL necessary to load the graphic files used on the Confirmation of Order page which underline credit card fields for those browsers capable of SSL transmissions, if you are using SSL ($use_ssl = 1-3).

When $use_ssl = 0, $ssl_graphics_url is never used. All web browsers use $graphics_url for graphic file loading.

Index

$timezone = '-5:CST';

$timezone consists of two colon delimited values: -5:CST GMT offset:Timezone description

The value to the left of the colon, "-5", is your GMT (Greenwich Mean Time) time zone offset value. This value is used to obtain the local time of your business which is printed as the date and time in the e-mail messages, confirmation of order HTML page, and the statistics file.

The value to the right of the colon, "CST", is appended to the order's Date on the confirmation of order HTML page and e-mail messages sent to the client and store administrator: Wednesday, 08 April 1998 at 04:22:43 AM, CST Your time zone offset value will equal the number of hours your time zone differs, plus or minus, from GMT. Greenwich, England is defined as 0 and is the center of GMT.

Except for those residing at GMT (time zone value of 0), the + (plus) or - (minus) must preceed the number of hours.

Example time zone values and $timezone settings:
Time zone values: US Eastern Standard (EST) -5 hours (Local summer -4 hours) US Central (CST) -6 hours (Local summer -5 hours) US Mountain (MST) -7 hours (Local summer -6 hours) US Pacific (PST) -8 hours (Local summer -7 hours) Greenwich, England (GMT) 0 hours (Local summer +1 hours) $timezone settings: $timezone = '-5:EST'; $timezone = '-6:CST'; $timezone = '-7:MST'; $timezone = '-8:PST'; $timezone = '0:GMT'; $timezone = '-5:US Eastern Standard Time'; $timezone = '-6:US Central Time'; $timezone = '-7:US Mountain Time'; $timezone = '-8:US Pacific Time'; $timezone = '0:Greenwich Mean Time'; $timezone = '-5:(GMT -05:00) Eastern Time (US & Canada)'; $timezone = '-6:(GMT -06:00) Central Time (US & Canada)'; $timezone = '-7:(GMT -07:00) Mountain Time (US & Canada)'; $timezone = '-8:(GMT -06:00) Pacific Time (US & Canada)'; $timezone = '0:(GMT) Greenwich Mean Time'; Time zone value syntax: +xx.xx, +x.xx, +x.x, +x, 0 -xx.xx, -x.xx, -x.x, -x x equals a numeric value (0-9) Time zone value range: -13.75 to +13.75
The script will default to the server's local time for the following mis-configurations of $timezone:
1. Alpha or special characters present in the time zone value 2. Time zone value greater than +13.75 or less than -13.75 3. No colon present
Refer to timezones.html for a listing of GMT time zone offset values.

If your server resides in a time zone which does not recognize summer or daylight savings time, you must adjust the offset values in timezones.html by one hour according to the following examples: Positive values: subtract one hour 5 becomes 4 Negative values: subtract one hour -5 becomes -6 Setting $timezone = '-5:CST' enables GMT time zone calculation .

", CST" is appended to the Date in e-mail messages and confirmation of order HTML page: Wednesday, 08 April 1998 at 04:22:43 AM, CST Setting $timezone = '-5:' enables GMT time zone calculation .

Nothing is appended to the Date in e-mail messages and confirmation of order HTML page: Wednesday, 08 April 1998 at 04:22:43 AM Setting $timezone = ':CST' disables GMT time zone calculation.

The script defaults to the server's local time.

", CST" is appended to the Date in e-mail messages and confirmation of order HTML page: Wednesday, 08 April 1998 at 05:22:43 AM, CST Setting $timezone = ''; disables GMT time zone calculation.

The script defaults to the server's local time.

Nothing is appended to the Date in e-mail messages and confirmation of order HTML page: Wednesday, 08 April 1998 at 05:22:43 AM

Index

$delete_age = '6';

$delete_age limits the age of shopping cart files and banner files stored in the /User_carts sub-directory and the age of user files stored in the /Users sub-directory.

WebStore deletes cart files once for each time cycle defined in $delete_age. If $delete_age equals 6, cart files older than 6 hours are deleted at 6 hour intervals.

$delete_age is a whole or fixed decimal value, greater than '1'.

$delete_age defaults to '6' when set to a non-zero value, less than '1'.

For WebStores with high traffic, setting $delete_age = '' disables age deletion of shopping cart files and banner files in ws400CS.cgi and ws_banner.cgi. ws_editor.cgi and ws_mail.cgi will set $delete_age to 6 hours and delete these files during login submission.

For scheduled deletion of files using UNIX cron, configure the variables located in the DEFINE VARIABLES section of /Web_store/ws_delete_files.cgi. Instructions for setting up the crontab file is located at the top of ws_delete_files.cgi.

REFER TO YOUR SERVER'S MAN PAGE FOR crontab.

Do not assume the instructions for crontab in ws_delete_files.cgi accurately describes your server's crontab utility or that you can execute crontab on your server.

If you can not execute a crontab command from telnet, contact your server's administrator and ask if your domain (username) may be configured to execute crontab commands.

ws_delete_files.cgi may be configured for web browser access or scheduled execution using UNIX cron (or both).

/Web_store/ws_delete_files.cron contains a crontab entry for scheduled deletion of files every 6 hours. If you currently use crontab, add an entry in your crontab file pointing to ws_delete_files.cgi. If you are not using crontab, use ws_delete_files.cron as your crontab file and modify the UNIX path in this file to point to ws_delete_files.cgi.

Example Settings:

$delete_age = '3'       3     hours
$delete_age = '5.5'     5 1/2 hours
$delete_age = '6'       6     hours
$delete_age = '12'     12     hours

Index

$no_cache = '';

The value assigned to $no_cache controls the printing of NO CACHE pragmas and the following related META tags to order forms, forms associated with order forms, secondary forms, access forms, static HTML pages, database product pages, and search result pages:

<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="-1">

a    Print NO CACHE elements to all pages and forms. f    Print NO CACHE elements to order forms, forms associated with order forms, secondary forms, and access forms. h    Print NO CACHE elements to static HTML pages, database product pages, and search result pages.

WebStores sets $no_cache = '' for $no_cache values other than a, f, or h when a, f, or h (case insensitive) is not present in $no_cache.

Setting $no_cache = '' disables printing of NO CACHE elements.

Index

%global_files = ( # KEY Global setup file(s) # 'webstore' => ['global.store.setup'], # 'wseditor' => ['global.security.setup'], # 'wsmail' => ['global.security.setup'], ); # DO NOT REMOVE - terminates %global_files

%global_files is a hash of arrays, consisting of a maximum of three arrays, one for each of the following application scripts included with WebStore:

a		Print NO CACHE elements to all pages and forms.

f		Print NO CACHE elements to order forms, forms associated with order forms, secondary forms, and access forms.

h		Print NO CACHE elements to static HTML pages, database product pages, and search result pages.

Array Key    Application    Script

webstore     WebStore       ws400CS.cgi
wseditor     WS Editor      ws_editor.cgi
wsmail       WS Mail        ws_mail.cgi

For ease of modification, global files may be created when using multiple application setup files consisting of variables whose values are identical.

Global files are not included in the distributions of WebStore. If used, global application setup files must be created by the end user.

Procedures for creating and implementing a global variable file: Create a file named similar to global.XXX.setup, where XXX defines the application's name or the application specific variables in the file. Cut and paste the variables into the new global file. Remove variables from the original setup file. Store the new global filename in the application's %global_files array. Upload the modified files to your server. Store global variable files under WebStore's /Databases sub-directory.

Each script adds '.setup' to the filenames listed in it's array in %global_files if a filename does not end in '.setup'.

Global files are required by Perl in the order listed in the application's %global_files array. Application setup files are required after all files in the application's %global_files array have been required. Unless a variable is being redefined, variables defined in a global file can be removed from the application specific setup file.

When using multiple product databases in WebStore and WS Editor, global files may be created consisting of the entire variable set for each application. Application setup files may be created for WebStore and WS Editor which re-define the product database variable, $data_file.

Other variables may also be redefined, such as BODY color attributes, $frontpage_file, $search_engine, etc.

When subroutines defined in a global setup file for displaying additional HTML for WebStore are redefined in a store setup file, the subroutine must be undefined prior to being redefined. Place the following BEGIN subroutine with applicable undef functions at the top of the store setup file:

BEGIN {
    undef &frontpage_trailer_html if defined(&frontpage_trailer_html);
    undef &pre_category_html      if defined(&pre_category_html);
    undef &category_trailer_html  if defined(&category_trailer_html);
    undef &pre_view_modify_html   if defined(&pre_view_modify_html);
}

A common setup file may be created consisting of the security variable set used by WS Editor and WS Mail, eliminating duplication or possible security variations between application setup files. Place the filename for this global file in the 'wseditor' and 'wsmail' arrays.

Filenames ending in _editor.setup are ignored in $global_files{'wseditor'}. This character sequence is reseved for WS Editor setup filenames.

Placing a # (pound sign) in column one of a script's array disables the use of global setup file(s) for that script.

Setting %global_files = () disables the use of global setup files in all WebStore application scripts.

Index

$dns_lookup = '1';

0    DNS lookup is disabled. Submitted e-mail addresses are checked for minimal syntax only. 1    Perform DNS lookup of the e-mail address entered on forms in all scripts. The e-mail address must pass nslookup or form submission will not be accepted. 2    Perform DNS lookup for e-mail addresses entered on all forms in all scripts. Allow nslookup failures to proceed, posting the appropriate error message. WebStore attempts to deliver the confirmation of order e-mail to the client. An additional message is printed at the top of the confirmation page informing the client that their e-mail address failed NS Lookup and the confirmation of order e-mail may not be deliverable to their submitted e-mail address. For ws_editor.cgi and ws_mail.cgi, an e-mail address which fails nslookup during user registration to the administrative interface generates an error message only and will not prevent a new user from registering. The confirmation of registration e-mail may not be delivered to the new user's e-mail address. E-mail addresses submitted on the WS Mail registration form are checked for minimal syntax only.

Index

$company_email = "Electronic Outlet Demo <WebStore\@YourDomain.xxx>";

$company_email used in the FROM section of the order confirmation e-mail sent to the client for WebStore and the FROM section of the e-mail to new users registering for access to WS Editor and WS Mail.

Index

$admin_email = "Administrator <admin\@YourDomain.xxx>";

$admin_email used in the TO section of e-mail messages delivered to the administrator for WebStore, WS Editor, and WS Mail.

Index

$pgp_user_id = "Your Name <username\@YourDomain.xxx>";

$pgp_user_id is the user id of the public key used for encrypting order e-mail messages delivered to the store's administrator. The user id was assigned to the public key when you created the PGP files on your server.

When $pgp = '', the value assigned to $pgp_user_id is disregarded.

Index

$save_orders = 'days96';

When $save_orders equals y, m, d, or h (case insensitive), store orders in four digit year sub-directories under the $sale_directory.

WebStore creates the $sale_directory and a four digit year sub-directory under $sale_directory when the first client order is submitted.

Orders may be stored in a maximum of four time-specific files, using any combination of the following time span file switches:

0		DNS lookup is disabled. Submitted e-mail addresses are checked for minimal syntax only.

1		Perform DNS lookup of the e-mail address entered on forms in all scripts. The e-mail address must pass nslookup or form submission will not be accepted.

2		Perform DNS lookup for e-mail addresses entered on all forms in all scripts. Allow nslookup failures to proceed, posting the appropriate error message. WebStore attempts to deliver the confirmation of order e-mail to the client. An additional message is printed at the top of the confirmation page informing the client that their e-mail address failed NS Lookup and the confirmation of order e-mail may not be deliverable to their submitted e-mail address. For ws_editor.cgi and ws_mail.cgi, an e-mail address which fails nslookup during user registration to the administrative interface generates an error message only and will not prevent a new user from registering. The confirmation of registration e-mail may not be delivered to the new user's e-mail address. E-mail addresses submitted on the WS Mail registration form are checked for minimal syntax only.

Time Span         Filename Examples (using PGP file extension)

y - year          2000.asc
m - month         2000-01.asc           or  2000-January.asc
d - day           2000-01-21.asc        or  2000-January-21.asc
h - hour          2000-01-21.AM-10.asc  or  2000-January-21.AM-10.asc

Other Switches:

a   - Alpha months in filenames (numeric months if 'a' is omitted)

s   - Delete short term files (hour and day) at 48 hour intervals
sXX - Delete short term files (hour and day) at XX hour intervals,
      where X = 0-9 and XX must be greater than 24 hours.
      Deletion interval defaults to 48 hours when XX is less than
      or equal to 24 hours or XX is omitted.

      's' has no effect when 'h' and 'd' switches do not exist.
      Short term file checks occur during the submission of orders.

Examples $save_orders values:

'm'     - Month files with numeric months
'may'   - Year and month files with alpha months
'days'  - Year and day files with alpha months
          Delete day files older than 48 hours at 48 hour intervals
'has96' - Hour files with alpha months
          Delete hour files older than 96 hours at 96 hour intervals

Each order consists of one non-encrypted identification line, followed by the order and three blank lines (newlines).

Example non-encrypted identification line:

-----ORDER:  Reference #   Order Total    Date    Client E-mail

Filename extensions are set to .asc when using PGP encryption and no errors existed when message encryption was performed. Stored orders are encrypted.

Filename extensions are set to .txt when not using PGP encryption or when errors existed when PGP encryption was performed. Stored orders are not encrypted. Credit card fields are not stored in non-encrypted .txt files.

$save_orders should be restricted to a maximum of two time span file switches. One file type may be used for storing all orders received (year or month) and another file type may be used for storing orders which have not been processed (day or hour depending on your web site's traffic).

Stored orders are approximately 1.5K to 2.0K in size. This estimate does not include textarea form inputs.

WebStore performs no automated deletion of month and year order files. You must manually remove these files using FTP.

When saving orders, the client's shopping cart is deleted after the client's order submission is accepted. A processed cart file is created in the cart sub-directory which is used for generating client error messages for attempted multiple order submissions.

Setting $save_orders = '' disables storing submitted orders on the server.

Index

$background = 'image.jpg'; $bgcolor = '#FFFFFF'; # White $text_color = '#000000'; # Black $link_color = '#0000FF'; # Blue $vlink_color = '#0000A0'; # Dark Blue $alink_color = '#FF0000'; # Red

Values for background, bgcolor, text, link, visited link, and active link are set using $background, $bgcolor, $text_color, $link_color, $vlink_color, $alink_color respectively.

$background is the filename of the background image stored in the /Web_store/Graphics sub-directory.

The script determines whether to precede $backgound with $graphics_url or $ssl_graphics_url based on the setting of $ssl_url and the form action being processed: $graphics_url/$background OR $ssl_graphics_url/$background

Setting any of these variables = ''; disables printing their respective attribute within the opening <BODY> tag of WebStore, WS Editor, and WS Mail generated HTML pages.

For your store's frontpage, category frontpages, expanded item information pages, and order form, add the background and color attributes to the HTML file's <BODY> tag.

To configure specific color variables for any of the WebStore scripts, duplicate any color variable above in the script's setup file and set to the desired value. Any combination of these variables may be duplicated in the WebStore, WS Editor, or WS Mail setup file (outlet.setup, outlet_editor.setup, and ws_mail.setup respectively).

Font Control

The table below shows common fonts available on most PC's. Generally, Arials and Serifs will be available to the web browser. You may list more than one font, separated by a comma, in $data_font and $header_font. Place your FONT OF CHOICE as the first font listed for each variable.

Font Examples Algerian Arial Book Antiqua BrushStroke Comic Sans MS Courier Courier New First Grader Futura Gallery Helvetica Keystrokes MT Marquee Mead Bold Modern MS Sans Serif MS Serif MS-DOS CP 932 Old English Gothic Penyae Roman Sans Serif Script Small Fonts Stencil Times Roman Times New Roman University Verdana WingDings 3

Index

$data_font = '2'; $data_face = 'Arial,Helvetica';

$data_font and $data_face are the font size and face of text in WebStore, WS Editor, and WS Mail generated HTML pages.

$data_font is a whole number which defaults to '2' if mis-configured. $data_font is mandatory and can not be disabled.

Setting $data_face = ''; disables $data_face.

Index

$header_font = '2'; $header_face = $data_face;

$header_font and $header_face are the font size and face of text in table header rows in WebStore, WS Editor, and WS Mail generated HTML pages.

$header_font is a whole number which defaults to '3' if mis-configured. $header_font is mandatory and can not be disabled.

The value of $data_face is interpolated into $header_face.

To list specific fonts in $header_face which differ from the fonts listed in $data_face use the following format:

Font Examples
Algerian	Arial	Book Antiqua
BrushStroke	Comic Sans MS	Courier
Courier New	First Grader	Futura
Gallery	Helvetica	Keystrokes MT
Marquee	Mead Bold	Modern
MS Sans Serif	MS Serif	MS-DOS CP 932
Old English Gothic	Penyae	Roman
Sans Serif	Script	Small Fonts
Stencil	Times Roman	Times New Roman
University	Verdana	WingDings 3

$header_face = 'Verdana,Helvetica';

Setting $header_face = ''; disables $header_face.

Index

$demo = '';

When $demo = 1, the WebStore, WS Editor, and WS Mail scripts are placed in demonstration mode. Administrative and reseller (if configured) e-mail messages are sent to the client's e-mail address submitted on any form in these applications for the client's inspection. Send Mail functions are disabled in WS Mail.

When a demonstration order form setup file is defined in $demo_form_file in outlet.setup, WebStore appends an array for the demonstration order form to %form_files in outlet.setup. Using $demo_form_file will permit you to include additional descriptive text on the order form. The demonstration form file may also be used to modify and test an order form setup file using demonstration mode while WebStore processes orders using the order form(s) defined in %form_files.

Setting $demo = '' disables manual demonstration mode for WebStore and disables demonstration mode entirely for WS Editor and WS Mail. WebStore may be placed in demonstration mode by including a name=value pair for demo= in the query string for the first access to WebStore:

ws400CS.cgi?demo=Y

Removing $demo from this file or placing a # (pound sign) in column one disables demonstration mode entirely in WebStore.

Index

Addressing WebStore Sub-directories

For security purposes, consider the following:

Change the name of the following directories in ws_global.setup (this file) and on your server:

$libr_directory - if using real-time processing
$pgp_directory  - if using PGP encryption
$sale_directory - if storing orders

Move the following directories to an area which can not be accessed using a web browser or place the directories under HTACCESS:

$cart_directory - if using restricted access
$data_directory
$libr_directory - if using real-time processing
$sale_directory - if storing orders
$stat_directory
$user_directory

Placing $data_directory under HTACCESS will provide protection for the following sub-directories under $data_directory:
$clnt_directory
$mail_directory
$rstr_directory
$sale_directory

$data_directory = $basedir.'/'.'Databases'; # Setup files, databases $grph_directory = $basedir.'/'.'Graphics'; # Image files $html_directory = $basedir.'/'.'Html'; # HTML files $libr_directory = $basedir.'/'.'Library'; # Program libraries $logs_directory = $basedir.'/'.'Logs'; # Real-time logs $stat_directory = $basedir.'/'.'Statistics'; # Statistical files $cart_directory = $basedir.'/'.'User_carts'; # Shopping carts $user_directory = $basedir.'/'.'Users'; # User access files $banr_directory = $grph_directory.'/'.'Banners'; # Banner image files $clnt_directory = $data_directory.'/'.'Clients'; # Client form files $mail_directory = $data_directory.'/'.'Mail'; # Mailing lists $rcrt_directory = $cart_directory.'/'.'Restricted'; # Shopping carts $rstr_directory = $clnt_directory.'/'.'Restricted'; # Client files

Restricted Access File Storage

$rcrt_directory is the UNIX path to the directory where WebStore stores restricted access shopping carts.

$rstr_directory is the UNIX path to the directory where WebStore stores restricted access client form files.

Shopping carts and client form files for restricted access must be isolated from non-restricted files.

Restricted access in WebStore is activated by defining an access form file in $password_file in the store's setup file outlet.setup.

WebStore never accesses $rcrt_directory or $rstr_directory when $password_file = ''.

$pgp_directory = $basedir.'/'.'Pgp';

$pgp_directory is the UNIX path to WebStore's PGP directory.

$pgp_directory can point to your domain's .pgp directory by setting:

$pgp_directory = 'Path/To/.pgp';

WebStore never accesses $pgp_directory when $pgp = ''.

$sale_directory = $data_directory.'/'.'Sales';

$sale_directory is the UNIX path to the directory where WebStore stores submitted orders.

WebStore creates this directory when the first client order is submitted.

$sale_directory must be placed under a directory whose permissions are '777' or you must create the $sale_directory and set it's permissions to '777'.

WebStore never accesses $sale_directory when $save_orders does not match y, m, d, or h (case insensitive).

1; # DO NOT REMOVE IN ws_global.setup # End of file

Index | Top of Page

Previous \| Next	Main Index: Frames \| No Frames
Document: Frames \| No Frames