1. Disclaimer, legal stuff and technical support
   
2. Description of Contents of ZIP file
   
3. About Template.html
   
4. About lang.dat
   
5. How to install the Dansie Shopping Cart
   
6. Important rules of thumb
   
7. The SINGLE VARIABLE in cart.pl (for rare situations)
   
8. Setting HOST variables
   
9. Setting PERSONAL variables
   
10. How shipping is calculated
    
11. Setting SECURE SERVER variables (Real-time credit card processors)
    
12. Setting DATABASE variables (If you choose to use product databases)
    
13. Advanced Database Features
    
14. Miscellaneous features
    
15. Mall Version.
    
16. How to upgrade your old cart with the latest version.
    
17. Tell three friends and receive a free Dansie Shopping Cart software license.

• Is Personal Variable #55 set to 1?
• Is Personal Variable #66 set?
• Is Database Variable #1 set?
• If you are using the ssl.pl script to collect credit card info, are you using a site security certificate?
• If you are using the ssl.pl script to collect credit card info, and you have credit card info being emailed to you (SSV#11), are you using PGP? (SSV#10)
• If you are using the ssl.pl script to collect credit card info, and you have the cart recording that credit card info to data files on your website (SSV#8), is that credit card info being written to a directory that is NOT viewable with a web browser?
  • You can have the credit card info recorded to directories accessible from the web if it's protected by .htaccess and .htpasswd files and you use your website's site security certificate to download that info via "https".
• cgi-bin browsing. Does your host have your site configured so that your cgi-bin directory cannot be browsed? Go here:
  http://www.YourName.com/cgi-bin/
  If you see "Forbidden" or a similar message then that is good. If you see a listing of all the files in your cgi-bin directory and can view text files by clicking on them, that's NOT good. Ask your host to fix that so that your cgi-bin directory is NOT browsable. You should also get an Internal Server Error if you try to view a .dat file in your cgi-bin. If your server is not configured to protect you against cgi-bin browsing, or perhaps you are running the cart.pl script in a directory that is named something other than "cgi-bin", use the .htaccess file that comes in the ReadMe zip package. Be sure to upload this file in ASCII format and not binary format.
• Are all images being loaded in the cart's pages via "https"? Even if you have HV#1 and SSV#1 set with an "https" URL, if you have any images in your cart's pages with a "http" URL, web browsers will report that some data is not secure. This can make some shoppers concerned. To help browsers to stop complaining from some insecure content in the pages, check your lang.dat file and vars.dat file for any "http" URLs and replace them with "https". (A website SSL certificate is required to use https, of course.) Check the thumbnail "img" tags in your HTML forms and make sure you don't have "http" URLs there. See HV#3. It's best to only use image names in your "img" tags and put all the images in your thumbnail directory. Then you can make sure all thumbnail image URLs are "https" by setting HV#3 with an "https" URL.
• An email receipt from the shopping cart is NOT proof that you have received payment. Always check with your merchant account or credit card processor to confirm that a shoppers card has been approved for the correct amount prior to shipping any products. Some processors will email you a confirmation, others will also provide a way for you to login to your account and verify on their website. If a shopper places an order via the "Check or Money Order" payment option, likewise, you will want to receive and clear their check prior to shipping any products.
• Are you about to email us your FTP password? Don't. For your security, use our secure form instead.

About the "temp" directory
Most likely you will never need to look in this directory or even concern yourself with what is in it. It's a scratch pad (short term memory) for the cart program to write to in order to keep track of items shoppers are preparing to purchase. Some spammers have been known to try to post URLs to shopping carts, but their attempts are futile as this information is not seen by human eyes. If you see it in your temp directory, you can just disregard it. See PV#23 for information on setting the expiration date of this data. See also PV#88 and PV#89 for how to block abusive bots.

How to receive technical support:

• Please read all instructions carefully. Do not attempt to set any variables in the vars.dat file until you have read the corresponding instructions for that variable in this ReadMe. This is the single most important thing you can do to prevent problems.
• Always send the full URL to the cart.pl script in the subject of your email when you write so we can see it and help you. This is the same URL that is in Host Variable #1 in your vars.dat file. This is your customer ID and is required for all technical support. Example:
  Subject: http://www.YourName.com/cgi-bin/cart.pl
  If you have purchased a Mall Version license, send the merchant name too so we know which vars.dat file to look at. Example:
  Subject: http://www.YourName.com/cgi-bin/cart.pl?vars|MerchantName
• You may contact us through our website or email us at cart@dansie.net
  
  

cart.pl       (The cart script)
ssl.pl        (An extra script for SSL)
ssl.txt       (Variables file for ssl.pl)
ReadMe.html   (Instructions)
template.html (HTML form examples)
vars.dat      (Variables)
lang.dat      (Language)
shopperid.dat (An empty file. Each shopper will be assigned a number. 
               This file was formerly called "invoice.dat")
cart.gif      ("View Cart" image)
stuff.dat     (An example database file. The use of which is optional.)
.htaccess     (Can be used to protect your cgi-bin from directory browsing. 
               See Security Checklist in section 1 for details. )

1. You precede all single quotes with a back slash like so:
   <SELECT NAME=example OnChange=\'SomeFunction()\';>
2. Don't use any HTML comment tags <!-- -->.
3. Remove any blank lines from the script.
4. All statements must end with a semi-colon ";". "return true;" instead of "return true".

If you have never uploaded a CGI Perl script to your cgi-bin before, section 6 will provide you with some helpful tips.

STEP 1:

Set the first 5 HOST VARIABLES at the top of the vars.dat file. Only the HOST VARIABLES are required to get the script running. You can set the other variables later after you get cart.pl running. Refer to the HOST VARIABLES section below in this ReadMe for detailed instructions on the HOST VARIABLES. Do not attempt to run the cart.pl script on a site other than which it was licensed for.

STEP 2:

Upload all four of these files into the SAME directory, most likely your cgi-bin. Perhaps your cgi-bin will be called "cgi-local" or "cgi" or something similar. If your host says that scripts must have the ".cgi" extension, then rename "cart.pl" to "cart.cgi". The script can work either way.

File name:	Upload format:	Chmod (Unix only):
1) cart.pl	ASCII	755 (executable)
2) vars.dat	ASCII	Chmod not necessary
3) lang.dat	ASCII	Chmod not necessary
4) shopperid.dat	ASCII	777 (writable)

Chmod your cart.pl script 755. Chmod the shopperid.dat file 777. "chmod" is only necessary on a Unix host. If your site is hosted on a Windows NT server don't worry about "chmod".

STEP 3:

Make sure your cgi-bin's permissions are set to 755. If not then chmod your cgi-bin 755. Manually create a directory called "temp" with your FTP program inside your cgi-bin directory and chmod "temp" 777. (We formerly named this directory "carts". Either "temp" or "carts" will work fine.) The "temp" directory will be used by the cart.pl script as it's memory. It will use the "temp" directory to record shoppers cart contents. If permissions on this directory are not set as writable the cart.pl script may keep reporting, "Sorry, your cart is currently empty". Most likely you will never need to look in this directory or even concern yourself with what is in it.

STEP 4:

Point your web browser at your script like so:
http://www.YourName.com/cgi-bin/cart.pl?test

The script may give you further installation instructions if you forgot to do anything. If the cart tells you that you need to define a single variable at the top of the cart.pl script, then see the SINGLE VARIABLE section in this ReadMe (Section 7).

If the script is successfully installed, you will see a test item to put into the shopping cart. Put the test item into the shopping cart. If you see a display of that item in the shopping cart, then all is working fine. Now you can set all your other variables in the vars.dat file.

If your Dansie Shopping Cart is not working, or does strange things, see "Trouble Shooting" below.

STEP 5:

Refer to the Template.html for creating some of your own product forms, or the database section in this ReadMe for info on creating product databases. The use of product databases are optional.

Trouble Shooting:

If your shopping cart continually tells you that your cart is empty, manually create a directory called "temp" with your FTP program in your cgi-bin directory (same directory where your vars.dat and cart.pl script is in). Chmod "temp" 777 if your host is Unix.

If the shopper ID number never increments past "1", make sure "shopperid.dat" is in your cgi-bin and chmod "shopperid.dat" 777 (writable).

If you are hosted on a Windows NT host and the shopping cart keeps saying that it is empty, it is because the permissions on the "temp" directory is not globally writable. Contact your host and ask them to set permissions on the "temp" directory and the "shopperid.dat" file so that the cart.pl script will have permission to write and re-write to them. Go here for a diagnostic:
http://www.YourName.com/cgi-bin/cart.pl?write_test

If you get an Internal Server Error:

1. Read the important rules of thumb again (Section 6).
2. 1. Are you running/installing it on the domain that you registered the software license for?
   2. Does your host allow you to run Perl scripts?
   3. Did you upload cart.pl into a directory that your host allows you to run Perl scripts in? (Most commonly called "cgi-bin".)
   4. Did you upload cart.pl in ASCII format NOT binary?
   5. Did you chmod your cgi-bin and cart.pl script 755 (Unix only)?
3. Check your HOST variables in your vars.dat file.
4. Try changing the very first line in the cart.pl script from:
   #!/usr/bin/perl
   To:
   #!/usr/local/bin/perl
   
5. Email us at: cart@dansie.net. Include the exact URL to your cart.pl script and a copy of your vars.dat file and we will quickly help you figure out what's wrong.

HTML and FTP expert:

You must be an expert at HTML and FTP to install and enjoy the use of the Dansie Shopping Cart. You don't need to know anything about CGI or Perl. Always upload your perl scripts to your host in ASCII format. Not Binary. After uploading your script, chmod it 755 if your host is Unix. Make sure the directory that your cart.pl script is in is executable (755). Never touch the innards of the script. Only change the single variable at the top of the script if you need to. You may need to rename your script "cart.cgi" instead of "cart.pl" depending upon your host.

How to edit vars.dat and lang.dat files:

1. Always make a backup copy of vars.dat or lang.dat before you make changes to them. That way, if you bugger them up really bad, you can just revert to your backup copies.
2. Follow the instructions in the ReadMe for how to set the variables. Don't make any changes to your vars.dat or lang.dat file without reading what the ReadMe has to say about that variable first. This will save you a lot of trouble.
3. Be careful when making changes so that you do not over-write or erase variables or the arrow delimiters that go with the variables.
4. Use a plain text editor to open the file and always save as plain text. Microsoft's Notepad or Mac's SimpleText work good. Do not use an HTML editing program.
5. Upload/download the file to your cgi-bin in ASCII format only (as opposed to binary) You will find this setting in your FTP program.

System Paths and URLs:

This ReadMe will speak of "URLs" and "system paths". URL stand for Uniform Resource Locator. It is a website address that starts with "http" and is accessed via a web browser. A system path is a local path to a file on your hosts machine. Perl accesses files on your host's machine with system paths. System paths on Unix hosts start with a slash "/". System paths on Windows NT hosts start with a drive letter and a colon like so: "c:/home/YourName/cgi-bin/vars.dat"

URL examples:
https://www.dansie.net
https://www.dansie.net/cart.html

System path examples:
/usr/local/etc/httpd/cgi-bin
c:/home/YourName/cgi-bin

Try to keep this in mind and not get URLs and system paths confused.

How do you know if the script is working?

Just point your web browser to it with a "test" query string and it will give you diagnostic tools if you installed it correctly. Example, type this at the top of your web browser:
http://www.YourName.com/cgi-bin/cart.pl?test

If you get an Internal Server Error:

1. Read the important rules of thumb again (Section 6).
2. 1. Are you running/installing it on the domain that you registered the software license for?
   2. Does your host allow you to run Perl scripts?
   3. Did you upload cart.pl into a directory that your host allows you to run Perl scripts in? (Most commonly called "cgi-bin".)
   4. Did you upload cart.pl in ASCII format NOT binary?
   5. Did you chmod your cgi-bin and cart.pl script 755 (Unix only)?
3. Check your HOST variables in your vars.dat file.
4. Try changing the very first line in the cart.pl script from:
   #!/usr/bin/perl
   To:
   #!/usr/local/bin/perl
   
5. Email us at: cart@dansie.net. Include the exact URL to your cart.pl script and a copy of your vars.dat file and we will quickly help you figure out what's wrong.

$vars = "/your/system/path/to/your/data/file/vars.dat";
Or if on a Windows_NT server, something like this:
$vars =  "D:/home/YourName/cgi-bin/vars.dat";

1. Set HV#2 to a URL that does NOT load frames.
2. Set HV#12 to a URL that DOES load frames.
3. Set DBV#23 to a URL that does NOT load frames.
4. Leave HV#11 blank.
5. Make sure all your URLs in your "return" tags are a to a page that does NOT load frames.
<INPUT TYPE=HIDDEN NAME=return VALUE="http://www.YourName.com/rightframe.html">
6. If you want an <A HREF> link or a FORM's purchase button to load the cart in a different frame, then set the TARGET attribute to the name of the frame you want the cart to load in. Example:
<FORM METHOD=POST ACTION="http://www.YourName.com/cgi-bin/cart.pl" TARGET="right_frame">
7. Do not use TARGET attributes in a frame in which you want the cart to load in the same frame. Example:
<FORM METHOD=POST ACTION="http://www.YourName.com/cgi-bin/cart.pl">
The names of your frames are in the parent page that loads them. If you are not sure what the name of your frames are, ask your webmaster.

Email In General

RECORDING ORDER INFO TO FILES ON YOUR WEBSITE:
If your host's sendmail program isn't working, you don't have to miss an order. Just leave this variable blank and set Secure Server Variable #8, Personal Variable #69 and Personal Variable #80. The cart can then write order info to files on your website 10 ways from Sunday. If you get an internal server error going to a receipt page, or you see red text at the bottom of receipt pages, and you are not getting any email receipts from the cart, it could mean that you don't have this path set correctly. Ask your host what it is. Leave this variable blank until you get the correct path.

If you wish to run the cart indefinitely without sendmail and just append your orders to a data file instead, then set this variable to "off" like so:
6 Sendmail, Windmail or Blat path -->off
Then the cart will run without giving you the red diagnostic messages at the bottom of the receipt pages.

DIAGNOSING YOUR SERVER'S SENDMAIL PROGRAM:
If you have ran some test orders with the cart and didn't receive any email receipts, you may need to isolate your server's sendmail program and confirm that it's working. We have a variety of test scripts below that you can use for testing Unix sendmail programs as well as Blat and Windmail on Windows servers.

Unix sendmail test script: https://www.dansie.net/email_test.zip
Blat test script: https://www.dansie.net/blat_test.html
Windmail test script: https://www.dansie.net/windmail_test.html
Socket test script (Unix or Windows servers): https://www.dansie.net/email_socket.zip

If you don't receive an email from your sendmail program using the test script, then email the test script to your host and ask them for assistance.

EMAIL LOG
The cart has an email log (cart.pl version 3.43+) that can record the commands it used to access your server's sendmail program, the date/time and the email headers it sent as well. It can also record email addresses submitted by your shoppers that were refused due to improper email address format. This can be helpful when your less than savvy internet shoppers complain they can't place an order because their email address is being rejected. You can view the log to see what they actually entered. To activate the email log, create a file called "email_log.txt" in the same directory as your vars.dat file. Make sure you set write permissions on this file (chmod 666). After you run a test order, download email_log.txt via FTP and you can see the command the cart used to send information to your server's sendmail program.

SPECIAL NOTE ABOUT ssl.pl
If you are using the ssl.pl script and you are not receiving your customers credit card numbers via email from it, then see the "SENDMAIL VARIABLES" section near the top of the ssl.pl script. Be sure to use PGP to encrypt credit card data via email.

Unix Hosts

If your host is Unix, you will most likely be able to leave this variable blank. By leaving it blank the Dansie Shopping Cart will try to automatically detect the location of your hosts sendmail program. If the Dansie Shopping Cart can't find the location of your hosts sendmail program, then it will give you a red text diagnostic message saying so when you point your browser at:
http://www.YourName.com/cgi-bin/cart.pl?test

Ask your host for the location of the sendmail program and set it in this variable. Example:
6 Sendmail, Windmail or Blat path -->/usr/sbin/sendmail
Other common sendmail paths are:

/usr/bin/sendmail
/bin/sendmail
/usr/lib/sendmail

If you see no red text diagnostic message, yet you don't receive email receipts from the cart.pl script, ask your host what the correct system path is to the sendmail program and set that in HV#6.

-f Switch

If the customer receives an email receipt but the merchant does not, it could be that your host has the sendmail program configured to require the -f switch. By looking in the full headers of the email that the customer receives, you may find this:
X-Authentication-Warning: server099.server.com: user set sender to sales@yourname.com using -f
Notice where it mentions the -f switch. Some hosts require that you use the -f switch and this is a clue. If so, set HV#6 like so:
6 Sendmail, Windmail or Blat path -->/usr/sbin/sendmail -f webmaster@YourName.com
You would set the system path, followed by a space character, -f, another space character, then an authorized email address that contains your domain name.

An unusual possibility is that your host's sendmail program wont work if the -f switch is used. If you have confirmed this fact after running tests with the email_test.pl script, you can completely turn the use of the -f switch off in the cart.pl script by setting Host Variable #6 like so:
6 Sendmail, Windmail or Blat path -->no_f_switch|/usr/sbin/sendmail
This works with cart.pl version 3.64 and ssl.pl version 3.20.

-t Switch

If your host requires the use of the "-t" switch then set Host Variable #6 with the correct sendmail path, followed by a space character and then "-t". For example:
6 Sendmail, Windmail or Blat path -->/usr/sbin/sendmail -t

If your website is on a Unix server and you aren't receiving any email receipts from the cart then use this test script to isolate your host's sendmail program from the cart to first confirm that your host's sendmail program is working.

Windows Servers/Hosts

Blat

The Dansie Shopping Cart can work with a program called Blat to send email. Ask your host what the system path to Blat is. Ask them to install Blat too if they haven't already done so.
Get Blat here: http://gepasi.dbs.aber.ac.uk/softw/Blat.html
Or: https://www.dansie.net/blat15i.zip
Example:
6 Sendmail, Windmail or Blat path -->C:/winnt/system32/blat.exe
Or backslashes may be necessary:
6 Sendmail, Windmail or Blat path -->C:\winnt\system32\blat.exe
Have your host run Blat like so to initialize it:

c:\WINNT\SYSTEM32\Blat.exe -install mail.yourhost.com youruserid@yourname.com

If your host requires that you pass the SMTP address to blat.exe then set this variable like so:
6 Sendmail, Windmail or Blat path -->C:/winnt/system32/blat.exe|mail.hostname.com
The system path to blat.exe, then a "|" pipe character, then the SMTP address.

If you are using Blat and you aren't receiving any email receipts from the cart then use this test script and instructions to isolate Blat from the cart to first confirm that Blat is working.

Windmail

The Dansie Shopping Cart can also work with Windmail. If using Windmail, ask your host what the system path is and set this variable like so:
6 Sendmail, Windmail or Blat path -->C:/winnt/system32/windmail.exe
Or backslashes may be necessary:
6 Sendmail, Windmail or Blat path -->C:\winnt\system32\windmail.exe
Or maybe just:
6 Sendmail, Windmail or Blat path -->windmail.exe
Get Windmail here: http://www.geocel.com/windmail/

If your host doesn't have a system windmail program for everyone to use, upload your own:

Make sure your host will allow you to run executables in your cgi-bin and get their SMTP address.

Set your hosts SMTP address in the windmail.ini file.

Upload the two files "windmail.exe" and "windmail.ini" into your cgi-bin.

Set Host Variable #6 as "windmail.exe"

If you are using Windmail and you aren't receiving any email receipts from the cart then use this test script and instructions to isolate Windmail from the cart to first confirm that Windmail is working.

Unix and Windows Servers/Hosts

SMTP Socket

The Dansie Shopping Cart (cart.pl version 3.41+ and ssl.pl 3.09+) can also work with an email server's socket. Ask your host what the SMTP address is and set this variable like so:
6 Sendmail, Windmail or Blat path -->socket|mail.YourServer.net
Put "socket", then a "|" pipe character, then your server's SMTP address.
The Dansie Shopping Cart (cart.pl version 3.62+ and ssl.pl 3.17+) also allow you to set the Return-path header of the email to comply with your server's spam prevention requirements. Set this variable like so:
6 Sendmail, Windmail or Blat path -->socket|mail.YourServer.net|webmaster@YourName.com
Notice there are 3 fields and 2 pipe delimiters. The third field should be a valid email address of your domain name such as postmaster@YourName.com or webmaster@YourName.com
If your host allows you to use their socket, they gave you their SMTP address, you set HV#6 correctly and you aren't receiving any email receipts from the cart, then use this test script and instructions to isolate your hosts email socket and server and confirm it's working first.

Examples:
/path/to/cgi-bin/temp          (UNIX)
D:/home/YourName/cgi-bin/temp  (Windows_NT)

Examples:
/path/to/cgi-bin/shopperid.dat         (UNIX)
D:/home/YourName/cgi-bin/shopperid.dat (Windows_NT)

/path/to/cgi-bin/lang.dat          (UNIX)
D:/home/YourName/cgi-bin/lang.dat  (Windows_NT)

sales@YourName.net, orders@YourName.net, dropshipper@YourName.net

• Set this variable with a hexadecimal value such as #FFFFFF (white) or #000000 (black).
• If you do set HV#5 with a URL to wallpaper, be sure that the hexadecimal value in PV#15 is of approximate color to your wallpaper
• Make sure that this color CONTRASTS with the font colors you have set in PV#16 and PV#19.

3.0  = three days.
1.0  = one day.
0.5  = 12 hours.
0.08 = two hours.
0.04 = one hour.

• Secure Online Credit Card Transaction
• Online Check Draft
• COD
• Auxiliary Payment Option

• Credit Card Transaction Via Telephone
• Check Or Money Order

Order sub-totals Under $55                            - $3.95 s&h
Order sub-totals Under $100 (but greater than $54.99) - $5.00
Any order $100 and over                               - s&h is free.

• Set this to 0 if you want the cart to identify your customer by their IP address, browser and operating system info alone and not use cookies.
  • If you have cookies disabled in your browser, and your ISP changes your IP address while you are still connected to the internet, then the cart will not be able to re-identify you and you will get a "Shopping Cart Empty" message.
  • If you have cookies disabled in your browser, and your ISP issues you a shared IP address, and another shopper happens to have the same IP address, browser and operating system info, you may experience a "shared basket".
  
  
• Set this to 1 if you want the cart to identify your shoppers using cookies. If you set this to 1 and your customer has their cookies turned off in their browser, the Dansie Shopping Cart will automatically use your customer's IP address, browser and operating system info for identification instead.
  • If you have cookies disabled in your browser, and your ISP issues you a shared IP address, the cart can identify you by your IP address and distinguish you from other shoppers using the same IP address by your browser and operating system info.
  • If you have cookies disabled in your browser, and your ISP changes your IP address while you are still connected to the internet, then the cart will not be able to re-identify you and you will get a "Shopping Cart Empty" message.
  • If you have cookies disabled in your browser, and your ISP issues you a shared IP address, and another shopper happens to have the same IP address, browser and operating system info, you may experience a "shared basket".
  
  
• Set this to 2 if you want the cart to only use cookies to identify your shoppers.
  • You could lose some shoppers this way who have cookies disabled, but have unique IP/browser/OS info. However, you will never have two shoppers experiencing a shared basket.

• Disable Payment Option. If you set it to 0, the cart will not display this payment option.
• ssl.pl. If you set it to the full URL of your ssl.pl script, the cart will collect your customers check information and email it to you. The information can be collected securely too if the URL begins with "https". Various software is on the market that you can use to print the checks with.
• PayByCheck.com/iCheck. If you set this to "icheck", the cart will take your customers shipping address and then send them to http://www.i-check.net (i-check.net and http://www.paybycheck.com are the same company.) to submit their check information. If you have an account with i-check and wish to set this variable to "icheck", login to your account with i-check and set your return URL like so:
  http://www.YourName.com/cgi-bin/cart.pl?icheck1212abc
  This is the full URL to your cart, followed by a "?" then "icheck" then the unique random id that you define in Secure Server Variable #6.
  A "failure" URL would be:
  http://www.YourName.com/cgi-bin/cart.pl?failure
  If you are using the Dansie Shopping Cart Mall Version, then make the link like so:
  http://www.YourName.com/cgi-bin/cart.pl?icheck1212abc&merchant=MerchantName
  A "failure" URL with the mall version would be:
  http://www.YourName.com/cgi-bin/cart.pl?failure&merchant=MerchantName
  Last put your i-check ID in Personal Variable #50.
• Signio/Verisign Telecheck. If you set this to "telecheck", the cart will take your customers shipping address and then send them to Signio (Verisign's Telecheck service) to submit their check information. If you have an account with Signio/Verisign and wish to set this variable to "telecheck", login to your Signio/Verisign account and set your return URL like so:
  http://www.YourName.com/cgi-bin/cart.pl?check1212abc
  This is the full URL to your cart, followed by a "?" then "check" then the unique random id that you define in Secure Server Variable #6.
  Last make sure your Signio/Verisign login ID is in Personal Variable #50.
• CHEXpedite If you set this with your full URL to CHEXpedite, then the cart will take your customers shipping/billing address and then send them to CHEXpedite for electronic check processing. Set your CHEXpedite ID in Personal Variable #50.

Currency Exchange Rate Feature:
If you are having the Dansie Shopping Cart use a currency other than US Dollars, but need to have it translated to US Dollars before sending the customer to i-Check, then set this variable like so:
00000000|.80
The first field to the left of the "|" character will be your ID with i-Check like normal. The field on the right of the "|" character will be the exchange rate. The total will be divided by the number you place here before the customer is sent to i-Check.

abc|10%
def|15%
123|10
456|50

• It is highly recommended to leave this variable set to 0. If you use custom description tags to take custom information from your customers such as size and color of products, that information will be emailed to you in the order and emailed to the customer in their receipt.
• If you set this variable to 1, then you will not get the custom description details in the email receipts. Your customers will though.
• If you set this variable to 2, then the custom descriptions will only show in database displays but not on the "Shopping Cart Contents:" page, not on the receipt page and not in the email receipts.
• If you set this variable to 3, custom descriptions will be displayed in all places as normal. However, custom description info from database displays will not be brought into the cart contents page or email receipts. But customer selected options such as OPTIONS, CHECKBOX, TEXT and QUANTITY will. This enables you to include large amounts of product description in your database displays, without the unnecessary info taking up too much paper when printing out receipts.

18 -->Mimimum Order:<BR>To place an order, the subtotal must be a minimum of:

176 -->You have reached the Maximum Order amount allowed. If you wish to place an order this large, please call us directly.

1. Shopper ID number (coupon codes will appear here too separated by a dash "-" if used.)
2. Customer name and company name
3. Email address
4. Phone number
5. Order total (including shipping and sales tax)
6. Shipping charges
7. Shipping method
8. Products ordered (comma delimited) the prices and custom descriptions of each item (:: delimited). The quantity of each item will also appear in parenthesis.
9. Date
10. Sales tax
11. Shipping Address
12. City
13. State
14. Zip
15. Country
16. The payment method chosen by your customer
17. Billing name and billing company name
18. Billing address
19. Billing city
20. Billing state
21. Billing zip
22. Billing country
23. Billing phone number
24. Billing email
25. Customer comments, if any. Original line breaks are replaced with a "" character.

• Set the URL to the real-time processors processing script in this variable followed by a pipe character then your login ID. For example:
  71 Auxiliary Real-Time Credit Card Processor Payment Option -->https://secure.hurstlinks.net/~cubecard/checkout.php|YourLoginID
  Or:
  71 Auxiliary Real-Time Credit Card Processor Payment Option -->https://www.paypal.com/us/cgi-bin/webscr/|Your@Email.com Or:
  71 Auxiliary Real-Time Credit Card Processor Payment Option -->https://www.YourName.com/cgi-bin/ssl.pl
• Be sure you have lang.dat #154 in your lang.dat file. Adjust it to say whatever you like. Examples:
  154 -->AT&T Payment Option
  154 -->CubeCard
  154 -->PayPal

• If a shopper selects a different state/country for their shipping address than they selected for their sales tax location, the cart will prompt them to go back and fix the discrepancy.
• If a shopper selects a state/country for their shipping address that also appears in PV#13 (a sales taxable state) and if they did NOT select that they lived in that sales taxable area, the cart will automatically apply the sales tax.

• Make sure you have the latest lang.dat file with lang variables #159, 160 and 161.
• You must have PV#74 and PV#75 filled with lists of states and countries.
• The list of taxable locations in PV#13 needs to match (exactly) the corresponding locations you have set in PV#74. For example, if one is set with "ON Ontario" and the other is set with "Ontario" there can be no match.
• PV#43 needs to be activated if this variable is set to "1".

1. Shopper ID number (coupon codes will appear here too separated by a dash "-" if used.)
2. Customer name and company name
3. Email address
4. Phone number
5. Order total (including shipping and sales tax)
6. Shipping charges
7. Shipping method
8. Products ordered (comma delimited) the prices and custom descriptions of each item (:: delimited). The quantity of each item will also appear in parenthesis.
9. Date
10. Sales tax
11. Shipping Address
12. City
13. State
14. Zip
15. Country
16. The payment method chosen by your customer
17. Billing name
18. Billing address
19. Billing city
20. Billing state
21. Billing zip
22. Billing country
23. Billing phone number
24. Billing email
25. Customer comments, if any. Original line breaks are replaced with a "" character.

• Set the URL to the real-time processors processing script in this variable followed by a pipe character then your login ID. For example:
  81 Second Auxiliary Real-Time Credit Card Processor Payment Option -->https://www.paypal.com/us/cgi-bin/webscr/|Your@Email.com
  Or:
  81 Second Auxiliary Real-Time Credit Card Processor Payment Option -->https://www.SomeProcessor.com/process.cgi|9876543
  Or:
  81 Second Auxiliary Real-Time Credit Card Processor Payment Option -->https://www.YourName.com/cgi-bin/ssl.pl
• Be sure you have lang.dat #165 in your lang.dat file. Adjust it to say whatever you like. Examples:
  165 -->PayPal
  165 -->SomeProcessor.com

• Never round up. Set this to 0 if you want the cart to not round up the weight of the order. For example, if all the items in a shoppers basket weigh 0.5 pounds/kilos/units, then the cart will calcualte 0.5 pounds times the first pound charge set in PV#30.
• Round up for first pound only. Set this to 1 if you want the cart to round up the weight of the order to the next whole number if the total weight of the shoppers order is greater than 0 yet less than 1 pound/kilo/unit. For example, if all the items in a shoppers basket weigh 0.5 pounds, it will be rounded up to 1 but 1.5 would not be rounded up to 2.
• Always round up. Set this to 2 if you want the cart to round up the weight of the order (if the weight is a non-whole number) to the next whole number no matter the weight of the order. For example, if all the items in a shoppers basket weigh 0.5, its pounds will be rounded up to 1.
  1.5 would be rounded up to 2.
  4.1 would be rounded up to 5.
  7.7 would be rounded up to 8.

order allow,deny

deny from 82.135.148.187
deny from 85.222.86.50
deny from 194.33.189.47

allow from all

The Dansie Shopping Cart can currently calculate shipping six different ways:

1. By the total weight of all the items. You define the weight of each item. Set Personal Variable #27 to "1" for this method.
2. A flat fee per item. Example:
   <INPUT TYPE=HIDDEN NAME=sh VALUE="3.50">
   Set Personal Variable #27 to "1" for this method. Set PV#30 and PV#31 to something like "1,1.5,2".
3. Based upon flat rates at various increments of the subtotal. See Personal Variables #34 and #35. Set Personal Variable #27 to "2" for this method.
4. Based upon percentages at various increments of the subtotal. See Personal Variables #34 and #35. Set Personal Variable #27 to "2" for this method.
5. Custom Database Shipping Tables. If your shipping company doesn't have consistent prices for each additional pound, then this is for you.
6. No shipping. You can turn off all shipping calculations in the cart and just say, "Shipping Included" somewhere on your website.

SHIPPING TYPE ONE: By the pound/kilo/unit:
(When var #27 above is set to 1)

Shipping for an item will be calculated according to the sh VALUE in the forms of your HTML pages. Example:
<INPUT TYPE=HIDDEN NAME=sh VALUE="1"> (See Template.html)
Or by the value of the shipping field in your flat-file databases. The script will multiply the sh VALUE times the value of #31 above to determine shipping for that item. If your item is heavier, set the sh VALUE to 2,3 or 10. The denomination of the sh VALUE can be pounds, kilograms, or just hypothetical units. This denomination should be defined by #32 above. #32 will be displayed in your script if (#28) is set to 1 and also it is displayed in the email receipts that the script sends to you after orders have been placed.

Note: The first pound/kilo of the first item will not get the value of #31 but rather the value of #30. This insures that you wont charge someone 50 cents for shipping a one pound item but have to pay $5.95 yourself. Also, if your customer orders only one or two items that weigh less than one pound, the cart will charge them for a full pound. It will charge a minimum of one pound.

An example of setting up shipping by the pound/kilo/unit:

Let say that you decide that each unit (#32) is one pound and you set #32 to "lbs". You call some shipping companies and get current prices as to how much they charge for the first pound and each additional pound. Set #30 to the price for the first pound. If five day ground mail is 5.95 and 2 day air is 8.95 and overnight is 18.95, then set #30 to: (5.95,8.95,18.95); Set #31 the same way except how much you want to charge for each additional pound. eg,(.50,.75,.85);. If an item weighs 1 pound then you will put
<INPUT TYPE=HIDDEN NAME=sh VALUE="1">
in the HTML form in the page where it is sold. If an item weighs 2 pounds then you will put
<INPUT TYPE=HIDDEN NAME=sh VALUE="2">
in the HTML form in the page where it is sold. The shopping cart will multiply the sh value, times the quantity of that item purchased, times #31 (according to shipping method chosen). Then it will substitute one of the regular price values for the #30 values. Therefore:
shipping = (Initial unit cost) + ( (units-1) x price per additional unit)
OR, another way to look at it is:
shipping = (first pound price) + ( (pounds-1) x price per additional pound)

SHIPPING TYPE TWO: Flat fee per item:
(When var #27 above is set to 1)

If you want to charge just a flat shipping fee for each item, in terms of dollars (lets say $4.00), then put this in your form:
<INPUT TYPE=HIDDEN NAME=sh VALUE="4.00">
(Or put "4.00" in the appropriate field in your database if using them.)
and set both #30 and #31 to something like this: (1,1.5,2). This way your cheapest form of shipping will be $4.00, your next shipping method would be $6.00 (4 x 1.5) and your most expensive shipping method would be $8.00 (4 x 2).

Remember, you can provide as many shipping locations as you wish and to as many states and countries as as you like. All you have to do is put more locations (or speeds such as "overnight") in #29, and more values in #30 and #31.

SHIPPING TYPE THREE: Scaled according to the subtotal with flat rates at various increments:
(When var #27 above is set to 2)

This is an easier way to set up your shipping charges, but not as accurate as by the pound/kilo. If you use this method, you will not have to use the "sh" hidden input tags in your HTML forms. Example:
<INPUT TYPE=HIDDEN NAME="sh" VALUE="1">
(Wont be necessary in your forms.)

Example:
$5 shipping for orders totaling $100 or less.
$10 shipping for orders totaling $200 or less.
$50 shipping totaling $1000 or less.
Over $1000, free shipping.

Read PERSONAL VARIABLE #34 and #35 above for details about how to use this shipping method.

If you don't want shipping considered on some particular items, then use a tag like so in your HTML forms:
<INPUT TYPE=HIDDEN NAME="custom1" VALUE="#noshipping#">

SHIPPING TYPE FOUR: Scaled according to the subtotal with percentage rates at various increments:
(When var #27 above is set to 2)

This is an easier way to set up your shipping charges, but not as accurate as by the pound/kilo. If you use this method, you will not have to use the "sh" hidden input tags in your HTML forms. Example:
<INPUT TYPE=HIDDEN NAME="sh" VALUE="1">
(Wont be necessary in your forms.)

Example:
5% shipping for orders totaling $100 or less.
4% shipping for orders totaling $200 or less.
3% shipping totaling $1000 or less.
2% shipping totaling $1000000 or less.
Free shipping when subtotal is over $1000000.
You customize the increments and charges of course.
Read PERSONAL VARIABLE #34 and #35 above for details about how to use this shipping method.

SHIPPING TYPE FIVE: Custom Database Shipping Tables:
(When var #27 above is set to 1)

This method may be used in combination with Shipping Type One and Shipping Type Two. Say you have a shipping company that has an unusual pattern for each additional pound when shipping to Australia. You could set PV#29 like so:
29 Shipping methods -->Standard UPS,2 day UPS,Next day UPS,Europe,Australia
Then you could set PV#30 and #31 like so:
30 Initial shipping cost of first pound -->5.95,8.95,18.95,15.00,shipping.dat
31 Shipping cost for each additional pound -->.50,.50,.50,2,shipping.dat
Notice the fifth field separated by commas in PV#30 and #31 has "shipping.dat" in there instead of a numeric value. This tells the Dansie Shopping Cart to look for this plain text database file in the same directory that your vars.dat file is in. This "shipping.dat" file could look like so:

0.5|12
1|20
1.5|22
2|25
3|31
4|32
5|38
6|39
7|50

Pounds/Kilos are in the left fields and the shipping charges are in the right fields. Make sure you put them in order from 1 pound all the way as high as you wish to define your shipping charges. Decimals can be used as you see in the example. You can name the "shipping.dat" file anything you like. Also, you can use as many shipping.dat files as you like too. Just name them slightly different like "ship1.dat", "ship2.dat", etc.

You can also skip weight increments like so:

150|47.95
200|78.29
250|98.29

In the above example, the cart would change $47.95 from 150-199 lbs. It would charge $78.29 from an order totalling 200-249 lbs.

SHIPPING TYPE SIX: No shipping:
(When var #27 above is set to 0)

No shipping. You can turn off all shipping calculations in the cart and just say, "Shipping Included" somewhere on your website or even in your "lang.dat" file.

• Collect your customers credit card numbers for you. Then you can process the orders manually though your merchant account.
• Work seamlessly with the services of a real-time credit card processor.
• Not accept credit cards as a payment option at all.

COMPATIBILITY NOTICE: The Dansie Shopping Cart is compatible with each of the real-time credit card processors listed in this section concerning basic credit card processing. The cart will POST the full total, shopper ID, customers name and billing address to the credit card processor's website for processing. The cart.pl script will issue the shopper a web page receipt if your credit card processing account is properly configured to return the shopper back to the "Return URL" after a credit card is approved. The cart does NOT work with any other services of the processors listed in this ReadMe except as specifically stated, such as, recurring billing, book transactions, authorize only transactions, etc.

BACKWARDS COMPATIBILITY NOTICE: In the past some online real-time credit/debit card processors have made NON-backwards compatible changes to the way their system works which caused the Dansie Shopping Cart (and other shopping cart softwares) to no longer be able to work with them. We recommend that you inquire of your processor if they intend to remain backwards compatible and encourage them to do so. Dansie Website Design will not be responsible for loss of compatibility if your processor should make some non-backwards compatible changes. If this occurs, let us know and we can try to adjust the Dansie Shopping Cart to keep up with their non-backwards compatible changes. In some cases where the processors changes were too radical, we had to remove them from our list of compatible processors below.

DUAL EMAIL RECEIPT NOTICE: The cart.pl script will email you a copy of the order details concerning the names and prices of the items that your shoppers order. The cart will pass the full total, shopper ID, customers name and billing address to the credit card processor for processing. The cart does NOT pass the details of the items your shoppers are ordering to the credit card processors. You will receive 2 emails for each credit card order. One from the cart.pl script with the order details, and a second email from your credit card processor confirming that your customer's credit card was approved. The cart inserts the shopper ID in the subject of the email for easy matching with the email receipt from the credit card processor. See Personal Variable #2 and Secure Server Variable #13 in this ReadMe for how to tell the cart which email address(es) to email the order details to.

1. 2Checkout
   
2. ArvicSecure
   
3. AuthorizeNet
   
4. Bank of America eStores
   
5. BluePay
   
6. Cardservice International Linkpoint and Clear Commerce
   
7. CubeCard
   
8. eProcessingNetwork (Controlled Devices)
   
9. eWAY
   
10. GORealtime E-Commerce Transaction Processing
    
11. InternetSecure
    
12. iTransact
    
13. NetBanx.com
    
14. PayPal
    
15. PayReady.net
    
16. PSiGate
    
17. SECPay
    
18. SecureHosting.com
    
19. SecurePay.com
    
20. securetrading.com
    
21. Signio
    
22. Skipjack
    
23. Verisign
    
24. WorldPay
    

1. Set Secure Server Variable #1 to:
   https://secure2.authorize.net/gateway/transact.dll
   For QuickCommerce accounts, set SSV#1 to:
   https://secure.quickcommerce.net/gateway/transact.dll
   For TRANSACT-SECURETM posting set SSV#1 to:
   https://verify.ishopsecure.com/authorizenet/cgi_bin/verify.cgi
   For richsolutions.com, set SSV#1 to:
   https://www.richsolutions.com/Pay/WebLink.aspx
   For the other clones, set SSV#1 to the transaction posting URL they provide you.
   
2. Set SSV#2 with your AuthorizeNet or clone Login ID.
3. Set SSV#9 with your AuthorizeNet transaction key. You must have cart.pl version 3.39+. Example:
   9 -->txnkey=abcd1234
   Replace the "abcd1234" with your exact AuthorizeNet transaction key.
   Set PV#55 to 1 to disable diagnostics so your variables can't be viewed from any web browser.
4. Upload the SimLib.pm and SimHMAC.pm files provided by AuthorizeNet to the same directory that your cart.pl script is located in. These files need to be uploaded in ASCII format and not binary. If you need any help locating or downloading these files you will need to contact AuthorizeNet technical support for assistance.
5. AuthorizeNet accounts login here: https://secure.authorize.net
   QuickCommerce accounts login here: https://secure.quickcommerce.net
   
   1. Inside your AuthorizeNet account locate Home, under Accounts, click Settings, under Transaction Response Settings, click Response/Receipt Urls, pick your Default Receipt Url, click Edit.
   2. Default Receipt Link URL
      Enter a default URL to link the customer to your website from the Receipt Page. This default URL will be used in the event that a Receipt Link URL is not passed with the transaction.
      URL: http://www.YourName.com/cgi-bin/cart.pl?SSV#6
   3. Receipt Method
      Specify the method that should be used to render the page that the customer is linked to from the Receipt Page
      LINK, GET or POST
      Select LINK
   4. Receipt Link Text
      Enter the text that will be displayed as a link.
      Link Text: http://www.YourName.com/cgi-bin/cart.pl?SSV#6
6. Mall Version note: If you are using the Dansie Shopping Cart Mall Version, set your Return Link URL like so:
   http://www.YourName.com/cgi-bin/cart.pl?SSV#6|merchant|MerchantName
   Change SSV#6 to what you have in SSV#6 and "MerchantName" to what the merchant's name is.
   Alternatively it can be:
   http://www.YourName.com/cgi-bin/cart.pl?SSV#6&merchant=MerchantName
   Using "&" and "=" instead of the two pipe "|" characters.
   
7. Set SSV#9 with x_Type to tell AuthorizeNet if you want AUTH_ONLY or AUTH_CAPTURE. Example:
   9 -->txnkey=abcd1234,x_Type=AUTH_ONLY
   Separate it from the txnkey with a comma. If you don't set x_Type in SSV#9, the default value sent to AuthorizeNet will be AUTH_CAPTURE.

• Set this URL in SSV#1:
  https://www.eprocessingnetwork.com/cgi-bin/dns/order.pl
• Set your login ID with eProcessingNetwork in SSV#2
• Set all variables in this section as instructed. Ignore Secure Server Variables #9 and #10.

• Put this URL in Secure Server Variable #1:
  https://secure.internetsecure.com/process.cgi
• Set your merchant ID with InternetSecure in Secure Server Variable #2.
• Since InternetSecure needs to know what currency and language you are using, set your currency flag and language in Secure Server Variable #9 separated by a comma. Example:
  9 InternetSecure currency flag -->{US},english
  If you want to run test orders first, set SSV#6 like so:
  9 InternetSecure currency flag -->{US}{TEST},english
  Remove {TEST} from SSV#6 when you want to go live.
• Login to your InternetSecure account and set your Return URL to:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6
  This URL needs to be exactly what you have in HV#1 plus a question mark, plus what you have in SSV#6.
• The SSV#6 at the end of the above URL is what you define in variable SSV#6 below.
• It is also recommended to set your email address in SSV#13.
• If you have PV#74 set with a list of states, you may want to set it with abbreviations of states instead as InternetSecure doesn't recognize the full state names, but rather just the two letter abbreviation. Or both like so:
  -->AL Alabama,AK Alaska,AZ Arizona,etc

• Ask iTransact which one of these URLs you should put in Secure Server Variable #1:
  https://secure.redi-check.com/cgi-bin/buynow/buynow.cgi
  https://secure.itransact.com/cgi-bin/mas/buynow.cgi
  https://secure.paymentclearing.com/cgi-bin/mas/buynow.cgi
• Put your iTransact Merchant ID in Secure Server Variable #2.
• SSV#9 is used as a special flag for the "ret_mode" value with iTransact. Set it to either "redirect" or "post" or leave it blank. Blank or "redirect" are the recommended setting. Blank should help prevent warning messages from browsers upon leaving the iTransact website.
• Also, if you accept online checks with iTransact, then put "acceptchecks" in SSV#9 as well. Example:
  9 -->post,acceptchecks
  
• If you wish do preauth only, set SSV#9 like so:
  9 -->post,acceptchecks,preauth
  
• A test credit card number to use with the testaccount is "5454545454545454". Use any expiration date greater than today.

• You will need to login to your account at CSI or ClearCommerce and set up your account. CSI or ClearCommerce will provide you with your login name and password. HLPADMIN url is:
  https://secure.linkpt.net/admin/000000/hlpadmin
  where 000000 is your 6 or 10 digit storename.
• Login to your account set up and set the "Thank You" Page URL to:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6
  This URL needs to be exactly what you have in HV#1 plus a question mark, plus what you have in SSV#6.
• The SSV#6 in the URL above is what you define in variable SSV#6 below.
• Set your "Sorry" Page URL to:
  http://www.YourName.com/cgi-bin/cart.pl?failure
  
• Mall Version note: Set the "Thank You" and "Sorry" page URLs like so:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6&merchant=MerchantName
  http://www.YourName.com/cgi-bin/cart.pl?failure&merchant=MerchantName
  Change SSV#6 in the URL above to what you have in SSV#6 and "MerchantName" to what the merchant's name is. If you have the standard version shopping cart and not the Mall Version, ignore this point.
• Set your "Order Submission Form URL" to the same URL that you have in Host Variable #1 of your vars.dat file.
• Do NOT checkmark "Check here if this url is a CGI script." for both Thank You and Sorry page URLs.
• DO checkmark "Check if you wish to automatically display specified URL after the LinkPoint HTML receipt page." for both Thank You and Sorry page URLs.
• Disable the shipping address collection fields in your CSI account as the shopping cart collects that info for you.
• Cardservice will tell you to set one of these URLs in Secure Server Variable #1:
  https://www.linkpointcentral.com/lpc/servlet/lppay
  https://secureweb.clearcommerce.com/cgi-bin/hlppay
  https://secure.linkpt.net/lpcentral/servlet/lppay
• Put your CSI Linkpoint or ClearCommerce Merchant ID in Secure Server Variable #2.
• A test credit card number to use with the testaccount is "5419 8400 0000 0003", Visa, any expiration date greater than today.
• You can set SSV#9 with CSI's txnmode and txntype variables. Examples:
  9 -->txnmode=test,txntype=preauth
  9 -->txntype=sale
  txntype only works with cart.pl version 3.41+. Consult CSI for other possible values that can be used with these variable names.

• Put this URL in Secure Server Variable #1:
  https://secure.gorealtime.com/authorize.exe
• Put your login ID in Secure Server Variable #2.
• A test login ID number to use in SSV#2 is: 8013732645
• A test credit card number to use with the test account is "4005550000000019", Visa, exp: 12/00.

• Put this URL in Secure Server Variable #1:
  https://www.secpay.com/java-bin/ValCard
  
• Put your Merchant ID with Secpay in Secure Server Variable #2 followed by "-jredir". Example: "YourID-jredir".
• A test Merchant ID number to use in SSV#2 is: "test-jredir"
• A test credit card number to use with the test account is "5419840000000003", Visa.

1. Set Secure Server Variable #1 with:
   https://payflowlink.paypal.com
   Old Signio accounts would use:
   https://payflowlink.signio.com/paylinks.dll
   
2. Put your Verisign login ID in Secure Server Variable #2.
3. The "PARTNER" ID is required for all new Verisign accounts as of Feb 15th 2001. Set your partner ID in SSV#9 like so:
   -->partner=PartnerName
   
4. Login to your VeriSign Manager utility and set your Return Link URL.
   Logon to https://manager.verisign.com click on account info/payflow link info/look in form config section (first section of edit config screen). Set the Return Link URL like so:
   http://www.YourName.com/cgi-bin/cart.pl?SSV#6
   The SSV#6 in the URL above is what you define in variable SSV#6 below.
   
   • If you are using the Dansie Shopping Cart Mall Version, set your Return Link URL like so:
     http://www.YourName.com/cgi-bin/cart.pl?SSV#6|merchant|MerchantName
     Change SSV#6 to what you have in SSV#6 and "MerchantName" to what the merchant's name is.
5. Set the "Return URL Method" in your Signio account to LINK instead of POST.

• For testing, set SSV#2 to:
  PAYFLOWDEMO
  Use test card 5105105105105100
• If you wish to use signio's electronic check processing, simply set PV#42 with "telecheck".
• Special feature: If you would like transactions to be "authorization only" then set SSV#9 with "A" (without the quotes). If you would like transactions to be "Delayed Capture" then set it with "D". Otherwise, default is "Payment/Sale" ("S"). Example:
  -->partner=PartnerName,A
  -->partner=PartnerName,D
  

• Put this URL in Secure Server Variable #1:
  https://secure.hurstlinks.net/~cubecard/checkout.php
  
• Put your login ID with CubeCard in Secure Server Variable #2.
• If you already have your cart working with a real-time credit card processor, you could run the CubeCard payment option from Personal Variable #71.

• Put this URL in Secure Server Variable #1:
  https://secure.worldpay.com/wcc/purchase
  
• Put your account Installation ID with WorldPay in Secure Server Variable #2.
• Put your currency name in SSV#9 like so:
  -->currency=USD
  or:
  -->currency=GBP
  or:
  -->currency=AUD
  SSV#9 will not be used for card types in this situation, but just a way to pass the currency type to WorldPay.
  
  You may also put your account into test mode by merely inserting "testMode" into SSV#9 like so:
  -->currency=GBP,testMode=100
  
• authMode and accId1 variables can be set in SSV#9 also like so:
  -->currency=GBP,testMode=100,authMode=E,accId1=nnnn
  or
  -->currency=GBP,authMode=E,accId1=nnnn
  

Setting your Return URL with WorldPay Junior:

• Put a META refresh tag in your resultY.html or thanks.html page like you see below and upload to CMS on the WorldPay website:
  <META HTTP-EQUIV=REFRESH CONTENT=0;URL=http://www.YourName.com/cgi-bin/cart.pl?SSV#6>
• Replace SSV#6 above with the random sequence of characters that you put in Secure Server Variable #6 in your vars.dat file.
• Put a META refresh tag in your sorry.html page like you see below and upload to CMS on the WorldPay website:
  <META HTTP-EQUIV=REFRESH CONTENT=0;URL=http://www.YourName.com/cgi-bin/cart.pl?failure>

• You must have a BofA BRANDED account.
• Put this URL in Secure Server Variable #1:
  https://cart.bamart.com/payment.mart
• Put your User ID in Secure Server Variable #2. (A test login ID is: demo_settle_up_branded )
• Log in to the eStores back office, select the "Manage Store" menu, then select the "Online Marketing Setup" menu and finally the "Authorized web Sites Menu". In that work area, enter the domain of the web site that posts the transaction to eStores, click the update button at the bottom of the screen and then publish the change using the "publish changes" link at the top of the page.
• Inside your BofA account, set your acceptance URL to:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6
  This is the same URL you have set in Host Variable #1, followed by a "?", then the random string you set in SSV#6.
• Set your rejection URL to:
  http://www.YourName.com/cgi-bin/cart.pl?failure

• Put this URL in Secure Server Variable #1:
  https://www.eway.com.au/gateway/payment.asp
• Put your login ID in Secure Server Variable #2.

• Put this URL in Secure Server Variable #1:
  https://www.paypal.com/us/cgi-bin/webscr/
• Put your PayPal ID in Secure Server Variable #2. Your PayPal ID is your email address that you use to login to your PayPal account.
• If you already have your cart working with a real-time credit card processor, you could run the PayPal payment option from Personal Variable #71.
• If you have cart.pl version 3.49+ login to your PayPal account and navigate to Profile --> My selling tools --> Website preferences. Set "Auto Return" to "On" and set the "Return URL" field. Scroll down and set "Payment Data Transfer" to "Off". Scroll down and set "PayPal Account Optional" to "On". There is no need to define the default Auto Return URL, since the cart will pass the correct URL to them during the transaction. Scroll down and click "Save".
• Set your email address in SSV#13.
• Also, make sure you insert something like this in #158 of your lang.dat file:
  158 -->Various items in shopping cart with shopper ID number:
• If you are using the security feature of PV#66 then, in addition to having your own domain in there, make sure you add "www.paypal.com". Example:
  66 -->YourDomain.com,www.paypal.com
• You may set the currency_code you want to use with PayPal in SSV#9. If you do not set SSV#9 with the currency_code, USD will be used by default. For example:
  -->currency_code=USD
  If you currently have other settings in SSV#9, just separate them with a comma like so:
  -->visa,mastercard,currency_code=USD
  Other currency codes currently supported by PayPal are:
  "GBP": Pounds Sterling (£)
  "EUR": Euro (¬)
  "CAD": Canadian Dollar (C$)
  "JPY": Japanese Yen (¥)
  "USD": US Dollar ($)
  
• You may also define PayPal's "lc" and "no_shipping" variables:
  -->visa,mastercard,currency_code=USD,lc=US,no_shipping=1
  
• You may define PayPal's "ah" variable so PayPal's website will prompt current PayPal members with the option of paying with another credit card or with their PayPal account:
  -->visa,mastercard,currency_code=USD,lc=US,no_shipping=1,ah=0
  
• With cart.pl 3.60 you may define the "cbt" variable used by PayPal to customize the text in the link at the bottom of your customer's PayPal receipt page. Example:
  -->visa,mastercard,currency_code=USD,lc=US,no_shipping=1,ah=0,cbt=You must click here to complete your transaction!
  Do not use any commas or equal signs in the text.
  
• If PayPal requires that you set an auto return URL in your PayPal account, just enable IPN (Instant Payment Notification). The Dansie Shopping Cart automatically sends the return URL to PayPal during the transaction.

• Put this URL in Secure Server Variable #1:
  https://checkout.psigate.com/HTMLPost/HTMLMessenger
  For running test orders, use this URL:
  https://dev.psigate.com/HTMLPost/HTMLMessenger
• Put your PSiGate StoreKey in Secure Server Variable #2.
• Set a unique invoice prefix in PV#65. This is necessary as PSIGate requires all shopper ID numbers to be completely unique from all others.
• A test user ID is "teststore" and a test credit card number is: 4111111111111111. Be sure to enter a valid state and zip code when testing.

• Put this URL in Secure Server Variable #1:
  https://www.securepay.com/dansie/index.cfm
• Put your SecurePay.com merchant ID in Secure Server Variable #2.
• A test merchant ID to use is 10054.
• Use these numbers for testing: 4111111111111111 or 5419840000000003
• Make sure that PV#44 is set to 1 or SecurePay will issue an error message.

• Put this URL in Secure Server Variable #1:
  https://www.payready.net/DMTransaction.asp
• Put your PayReady login ID in Secure Server Variable #2.
• To run some test orders, set SSV#1 with: https://www.payready.net/DMtransaction.asp
  Set SSV#2 with: PayReady.net Test Account
  A test credit card number to use is: 4012000010000
  

• Put this URL in Secure Server Variable #1:
  https://www.netbanx.com/cgi-bin/payment/NETBANXID
  Replace "NETBANXID" in the URL with your NetBanx ID.
  For testing, set it to:
  https://www.netbanx.com/cgi-bin/payment/dansietest
• You can leave SSV#2 blank.
  
• Set SSV#9 with your currency code like so:
  -->USD
• A test credit card number is: 4921123412341230

• Put this URL in Secure Server Variable #1:
  https://www.secure-server-hosting.com/secutran/secuitems.php
  
• Set SSV#2 with your SecureHosting.com ID
  
• Set SSV#9 with your shreference, checkcode and filename like so:
  -->shreference=abcd1234,checkcode=123456,filename=abcd1234/template.html
• You will need SecureHosting.com's template.html file.

• Decide if you want to use "Skipjack DLL" or their older "Skipjack COM object".
  Skipjack DLL:
  • Put this URL in Secure Server Variable #1:
    https://www.YourName.com/cgi-bin/ssl.pl?skipjack
    The use of Skipjack DLL will require an SSL Secure Sockets Layer Site Security Certificate. This will allow you to run the ssl.pl script (version 3.19+ required) via "https" with encryption. Your web host can assist you with this. Upload the ssl.pl script (version 3.19+ required) to your cgi-bin in ASCII format and chmod it 755.
  Skipjack COM object:
  • Put this URL in Secure Server Variable #1:
    https://www.skipjackic.com/secure/process.asp
    The use of Skipjack COM object does not require the use of the ssl.pl script, nor does it require that you have SSL encryption on your website. Skipjack will collect your customers credit card data on their website and will provide the encryption.
• Set SSV#2 with your Skipjack MerchantID/HTML Serialnumber
  
• Login to your Skipjack account at http://www.skipjack.com
  To log in you will need:
  • a) Login Serial Number / Vendor ID (This is different from your MerchantID/HTML Serialnumber)
  • b) Username
  • c) Password
• Click on the "Preferences" link at the top of the page.
• Then click on the "Response Files" link under "VENDOR PREFERENCES".
• Set the "Thank you for your order:" field with your cart's return URL. Like this:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6
  This URL needs to be exactly what you have in HV#1 plus a question mark, plus what you have in SSV#6. The SECURITYID is what you define in variable SSV#6 below.
• Set the "Invalid credit card:" field with your cart's "failure" URL. Like this:
  http://www.YourName.com/cgi-bin/cart.pl?failure
• Click the "Submit" button.
• You can use this credit card number for testing: 44459999222225
• It is also recommended that you set your email address in SSV#13.

• Put this URL in Secure Server Variable #1:
  https://www2.2checkout.com/2co/buyer/purchase
  
• Set SSV#2 with your 2checkout.com seller ID.
  
• Login to your 2checkout.com account at https://www2.2checkout.com/2co/login
  
• Click on "Look & Feel Settings".
• Set "Direct Return" to NO.
• There is no need to set Pending URL or Approved URL.
• Click the "Save Changes" near the bottom of the page.
• To run some test orders, set SSV#9 with DEMO=Y like so:
  9 Sending misc info to processor or ssl.pl -->DEMO=Y
  A test card number to use is 2345234523452345. When you are ready to go live, drop the DEMO=Y from SSV#9.
• Mall Version note: If you are using the Dansie Shopping Cart Mall Version, set the URL in the META tag of the "thanks.html" page like so:
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6&merchant=MerchantName
  Change SSV#6 to what you have in SSV#6 and "MercantName" to what the merchant's name is. Example:
  http://www.YourName.com/cgi-bin/cart.pl?abcd1234&merchant=acmewidgets

• Put this URL in Secure Server Variable #1:
  https://www.2checkout.com/cgi-bin/Abuyers/purchase.2c
  
• Set SSV#2 with your 2checkout.com seller ID.
  
• Login to your 2checkout.com account at http://www.2checkout.com/login.htm
  
• Select "Account Details" and "Return".
• Scroll down to "cartpurchase.2c Shopping Cart Parameters". If you are using 2CO Version 2 you may find this under their Shopping Cart menu.
• Set "Return to a routine on your site after credit card processed?" to "Yes".
• Set your Return URL in the TEXT field.
  http://www.YourName.com/cgi-bin/cart.pl?SSV#6
  This URL needs to be the exact URL you have in Host Variable #1 of your vars.dat file, followed by a "?", then the string of random alpha-numeric characters you set in Secure Server Variable #6. Example:
  http://www.YourName.com/cgi-bin/cart.pl?1jf8j987h
  
• Click the button "Save Passback Parameters"
• Under "Overall Passback Parameters." set "Direct Return" to "No".
• Again, click the button "Save Passback Parameters"

• Put this URL in Secure Server Variable #1:
  https://securetrading.net/authorize/form.cgi
  
• Set SSV#2 with your securetrading.com ID.
  
• Set your currency you want securetrading.com to use in SSV#9 like so:
  -->currency=gbp
  
• It is also recommended that you set your email address in SSV#13.

• BluePay requires the Digest::MD5 Perl module be installed on your server. Check with your host if they have the Digest::MD5 Perl module installed. The ssl.pl script works with Digest::MD5 to encrypt data before being sent to the BluePay processor.
• BluePay does not collect your shoppers credit card data on their secure website, so you will need to use the ssl.pl script on a site with an SSL site security certificate to act as a bridge.
• Get your BluePay Secret Key. From your BluePay account menu select: Administration --> Accounts --> list --> view
  Set your BluePay Secret Key in the $secret_key variable near the top of the ssl.pl script.
• Set Secure Server Variable #1 with the ssl.pl script (version 3.16+) and a "?bluepay" query string like so:
  https://www.YourName.com/cgi-bin/ssl.pl?bluepay
• Set SSV#2 with your BluePay Account ID. Your Account ID is located on the same page as your Secret Key.
  
• Set the TRANSACTION_TYPE you want to use with BluePay in SSV#9 like so:
  -->TRANSACTION_TYPE=AUTH
  Another option provided by BluePay besides AUTH is SALE (For Immediate Sale-Capture of funds).
  -->TRANSACTION_TYPE=SALE
  
• Set SSV#9 with MODE=TEST if you want to run some test orders like so:
  -->TRANSACTION_TYPE=AUTH,MODE=TEST
  When you are ready to go live, set it with MODE=LIVE.
• A test credit card number to use for test transactions is: 4111111111111111. Use any expiration date greater than today and "123" for the 3 digit number.
  
• It is highly recommended that you set your email address in SSV#13.

Trouble Shooting:
If the ssl.pl script says POST Method Not Allowed or serves as plain text and doesn't execute...
First make sure that ssl.pl is chmoded 755. Second, try renaming it to ssl.cgi and see if it will execute that way. If it still doesn't execute, contact your host and ask them to set permissions on it so that it will execute.

SPECIAL NOTE ABOUT ssl.pl and email
If your ssl.pl script is on a remote host and you are not receiving your customers credit card numbers via email from the ssl.pl script, then see the "SENDMAIL VARIABLES" section near the top of the ssl.pl script. Your remote host may have a different sendmail path than your local host and you will have to set that in the ssl.pl script.

System Path to "orders.dat"
You can get your system paths like so:
http://www.YourName.com/cgi-bin/cart.pl?path
http://www.YourName.com/cgi-bin/cart.pl?env
https://YourSecureHost.com/cgi-bin/ssl.pl?path
https://YourSecureHost.com/cgi-bin/ssl.pl?env
Make sure PV#55 is set to 0.

Making sure "orders.dat" is writable
If the directories where you want orders.dat appended to are not writable, then you will need to create an empty file manually on your computer ("orders.dat"), upload it to the directory where you want it and chmod it 777 so it will be writable. Otherwise the scripts wont be able to write to your "orders.dat" file and you will be wondering why it's not appending.

Emailing orders and appending

Order details emailed to you.	Set Host Variable #6 to the sendmail path on your host. Order details will be emailed to the email address you set in Personal Variable #2. You can set as many email addresses as you wish in PV#2 separated by commas, space characters or both. They will get a Bcc (blind carbon copy) of the order details.
Order details appended to a data file on your host.	Set Secure Server Variable #8
Customers credit card numbers emailed to you (If using the ssl.pl script).	Set Secure Server Variable #11. Set Secure Server Variable #10 also so that the ssl.pl script will work with PGP to encrypt the emails.
Customers credit card numbers emailed to you and appended to a data file too.	Set both SSV#8 and SSV#11.

If you have SSV#8 and SSV#11 blank, yet you are using the ssl.pl script, the credit card numbers will be emailed to the first email address you have listed in PV#2. The other email addresses listed in PV#2 will get a copy of the order details, but not the email with the credit card number in it.

• The system path to the PGP program
• The system path to PGP's temp directory that it writes encrypted files to
• Your PGP user ID (key)
• and your PGP version

Armor = on            # Use -a flag for ASCII armor whenever applicable
TextMode = on         # Attempt to use -t option where applicable
clearsig = on         # Use unarmored plaintext for unencrypted signed message
# KeepBinary = on     # Decrypt will not delete intermediate .pgp file
# verbose = 2         # verbose diagnostic messages
verbose = 0           # be quiet
# compress = off      # off means suppress compression to aid debugging
# showpass = on       # Echo password when user types it

sales@YourName.net, orders@YourName.net

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg

Books|0002|The Boy Scout Handbook|Author: Bill Hillcourt|10.00|1|boyscout_large.jpg|blah|blah|blah
Clothing|1001|Purse|Black Leather purse with leather straps.|20.00|1|purse_large.jpg|blah|blah|blah

DATABASE OPTIONS:

<SELECT>
These are SELECT and OPTION tags Looking for something? =)

Your databases may have "pull-down menus" or <SELECT> tags. This is very easy to set up with your flat-file databases. In a field of your database that is designated as one of the additional custom description fields (#13 above), you may create a pull-down menu by using the following syntax:
OPTIONS^Red^Blue^Green

Red Blue Green

The word "OPTIONS" will signal to the shopping cart that you want a <SELECT> pull-down menu with options. The following sub-fields (red, blue, green) will be the options in the pull-down menu. Make sure that OPTIONS is capitalized and that the separation caracter "^" (which is options separator, #4) is not the same as the main field separation character (#3).

You may change the actual price of the item by using a "$" in the options like so:
OPTIONS^Small $10^Medium $20^Large $30

Small $10 Medium $20 Large $30

If you set Personal Variable #36 (currency symbol) to something other than "$", such as "L", then be sure to use that symbol insead. Example:
OPTIONS^Small L10^Medium L20^Large L30

You may add to the current price by placing plus signs before your currency symbol like so:
OPTIONS^Red +$3^Blue +$5^Green +$10

Here is a more detailed example of an entire line (item) of a database file:
Shirts|1001|Men's T-Shirt|100% Cotton|10|.5|shirt.gif|OPTIONS^Small $10^Medium $20^Large $30|OPTIONS^Red +$3^Blue +$5^Green +$10
Key:
category|stock#|ItemName|description|price|shipping(lbs)|image|pull-down menus|pull-down menus

Do you want your <SELECT> menus larger than one line? (In other words <SELECT SIZE=3>) This is how you do it:
OPTIONS3^Red^Blue^Green

Red Blue Green

Any number immediately following "OPTIONS" will set the SIZE of the SELECT pull-down menu.

---

CHECKBOX: An option

Do you want your databases to display checkboxes?
CHECKBOX^With tote bag +$5.00|CHECKBOX^Bag of tees +$2.00
Use + signs with checkboxes if you want to add to the current price.

---

TEXT:

Do you want to use text fields in your databases so your customers can give you some input?
TEXT^Name to be embroidered on shirt^10-20
The first field tells the cart that you want it to display a TEXT field. The second field is your statement to be printed on the page of the database display. The third field sets the SIZE and MAXLENGTH attributes of the text field.

---

TEXTAREA:

Do you want to use TEXTAREA fields in your databases so your customers can give you some more input?
TEXTAREA^Name, address, city, state and zip:^30-4
The first field tells the cart to display a TEXTAREA. The second field is your statement to be printed on the page of the database display. The third field sets the COLS and ROWS attributes of the TEXTAREA box.

---

Quantity:

Do you want a QUANTITY text field in your databases so your customers can enter quantity?
QUANTITY^How many days?^3-3-1
The first field tells the cart script to make a TEXT box for quantity. The second field is your statement to be printed on the page of the database display next to this TEXT box. The third field sets the SIZE and MAXLENGTH attributes of the text box and the default quantity.

---

Miscellaneous Database Tips:

Want to use Volume Discount Pricing with your databases? Put this format in your price fields:
10.00:1:9.00:10:8.00:20
This means, $10 each for 1 (or more), $9 each for 10 (or more) and $8 each for 20 (or more). Always use the ":" character to separate the sub-fields of your volume discount pricing. Make sure your list is in order from smallest quantity (1) to largest quantity. See Template.html section 1C for information on how to use volume discount pricing with standard HTML forms.

You can add keywords to the items in your databases so the search engine can find the item better, without the keywords appearing in the database's product displays. Use HTML comment tags in your fields like so:
|<!-- these are some key words -->|
The search engine will find the keywords and display the products, but the search words wont display on the web page.

If an item in your database is nontaxable, you can put this in one of your custom description fields and the cart wont calculate sales tax on that item.
|#nontaxable#|

If an item in your database should always be charged full price, even when a webstore or coupon discount is invoked, you can put this in one of your custom description fields and the cart will always charge full price for that item.
|#nodiscount#|

You can have links appear in your database by inserting some <A HREF> tags in the custom description fields of your database like so:
|<A HREF=http://www.YourName.com/Details.html>Click for details</A>|
Or extra images too:
|<IMG SRC=http://www.YourName.com/Image.gif>|
Pop-up windows can be used to with a little JavaScript too.

Would you like to link your thumbnail images to larger images? Normally, you would tell the cart program where your thumbnail is like so: ||||||https://www.dansie.net/images/purse.jpg|||||| Putting the URL to the thumbnail image in the field position defined by Database Variable #12. But, if you want the cart program to automatically link to a larger image that you have made, just add a double colon delimiter "::" followed by the name or full URL of the larger image. Example: ||||||https://www.dansie.net/images/purse.jpg::purse_large.jpg|||||| Remember, you only need to put the name of the image as long as the image is located in the directory defined by Host Variable #3.


You can comment out items in the database so they wont be displayed. Perhaps your item is temporarily out of stock. Instead of removing it's line from the database, precede it with a pound sign (#) like so: #category|stock#|ItemName|description|price|shipping|image|extra fields...||||

Referral Tracking

You can now track if your customers arrived at your web store, from your friends website. It works like this: Instead of other website owners linking to your site like this:
http://www.YourName.com
They would link to your site like this:
http://www.YourName.com/cgi-bin/cart.pl?referrer=Buddy&url=http://www.YourName.com
Notice the query string:
?referrer=Buddy&url=http://www.YourName.com
"referrer" would be their identity that you know your partner/referrer by, and the "url" would be where you want the cart to redirect that customer to after they arrive at your site. Most likely, your main page. What this does is it prepares a data file in your "temp" directory with the shopper ID number like so: Buddy - 1000 Where "Buddy" is the referrer's name (you could use numbers too) and 1000 is the customer's actual shopper ID number. So, if you have a customer whose shopper ID number is just "1000", then you know that they came directly to your site from a search engine or so. If their shopper ID number is "Buddy - 1000", then you know that your partner/referrer "Buddy" was responsible for sending business your way. Now you DO NOT need to look in the "temp" directory. Just look at the top of the email receipts next to the shopper ID number. That's where the referral ID will appear.

If you omit the "url=http://www.YourName.com" part of the query string, people will be redirected to the URL you specified in Host Variable #2.

Another way to pass a referrer's name to the cart is right inside an HTML product form like so:
<INPUT TYPE="hidden" NAME="referrer" VALUE="Buddy">
If you pass that tag to the cart in an HTML form, it will make sure that the referrer's name is next to the shopper ID number in the email receipt.

Using the Dansie Shopping Cart Mall Version? Have people link to your site like this:
http://www.YourName.com/cgi-bin/cart.pl?referrer=Buddy&url=http://www.YourName.com&merchant=fred
Or:
http://www.YourName.com/cgi-bin/cart.pl?referrer=Buddy&merchant=fred
(Without the "url=http://www.YourName.com")

The URL you use here must match exactly what you have in Host Variable #1.

Sell Passwords

The Dansie Shopping Cart can automatically email your customer unique, random passwords or other sensitive information after "Secure Online Credit Card Transactions" and "Online Check Drafts" depending upon designated items they purchase with the cart. The sensitive information can be emailed to your customer automatically after their credit card is approved. The cart can append their email address and password to an .htpasswd file on your server granting them access to a specific directory. As of cart.pl version 3.26 the cart can automatically remove their email address and password from the .htpasswd file after the number of days that you designate.

• Create a file named "passwords.dat" with Notepad or SimpleText.
• Put information in the file like so:
  Some Great Widget|Thank you for ordering our great widget! Some Downloadable Widget|Thank you for ordering our widget!|You can download it at: http://www.YourName.com/widget/ Some Password Protected Downloadable Widget|/usr/local/htdocs/widget/.htpasswd|You can download it at: http://www.YourName.com/widget/|Your password is: #random_password# Some Password Protected Downloadable Widget|/usr/local/htdocs/widget/.htpasswd|Expires: 30|You can download it at: http://www.YourName.com/widget/|Your password is: #random_password# Super Software Download|/usr/local/etc/httpd/htdocs/special/.htpasswd|Download now here: "http://www.YourName.com/special/"|The password is: #random_password# Members Calendar of Events|/usr/local/htdocs/calendar/.htpasswd|Expires: 30|Download now here: "http://www.YourName.com/calendar/"|The password is: #random_password#
• The file must be named "passwords.dat".
• The passwords.dat file must be uploaded to the same directory as your vars.dat file.
• Notice that each example above has fields on each line separated by the "|" character.
• Only one line break per item. (On the end of the line.)
• Make sure that the left fields in your passwords.dat file matches exactly what you have in one of the custom description tags of your HTML form. It is case sensitive. Example:
  <INPUT TYPE=HIDDEN NAME="custom3" VALUE="Super Software Download">
• If you want your customers email addresses and their random passwords appended to a .htpasswd file then put the exact accurate system path to that .htpasswd file in the second field. Note: .htpasswd files only work in Unix hosted websites. Not on Windows NT hosts.
• If you want their password access to automatically expire after a certain number of days, then put this in the third field like so:
  Members Calendar of Events|/usr/local/htdocs/calendar/.htpasswd|Expires: 30|blah|blah
  This will tell the cart to remove their email address and password from the .htpasswd file after 30 days. Make sure you use the word "Expires:" followed by any number. Put "30" for one month and "360" for one year. Note: Old expired passwords will be deleted from the .htpasswd file when the cart.pl script adds new passwords and not necessarily on their exact expiration date. If you open the .htpasswd file in a plain text editor, you will notice that it has a comment line just above each set of email address and password pair. Example:
  

  # 20020320|20020420|John Smith|SuperWuper Widget
  john@JohnsDomain.net:aansZQFmBavGI
  

  The key to the comments are:
  Date ordered(yyyy/mm/dd)|date expires|customers name|product/service ordered
  If you wish to manually delete a customers email address and password, be sure to delete the comments in the line above it as well.
• You can put any text in the additional fields after the first "|" pipe delimiter as you desire. That additional text can be a system path to a .htpasswd file, days until expiration, or just general info that you want to give to your customers. If you insert the marker #random_password# the cart will generate an 8 digit alpha-numeric random password for the customer and insert it in the customers email receipt. If more than one item is ordered with a password, the cart will make all the passwords the same for the convenience of your customer. If you have a situation where you need all the passwords different, just ask us how. You can use as many extra fields as you like, each pipe delimiter will indicate a line break in the email receipts.
• If you set a system path to your .htpasswd file in the second field then the cart will automatically append your customers billing email address and crypted password to your .htpasswd file allowing them immediate access to the directory you choose.
• For security reasons, if you have the cart accepting Check Drafts using the ssl.pl script, passwords will NOT be issued in the customer's email receipt. You can send them a password AFTER you have verified their check and banking information.
• Mall Version note: For security reasons, your hosted merchants will not be allowed to have their passwords.dat file tell the cart.pl script to write to any .htpasswd files outside of their directory or a subdirectory thereof. So this feature is partially disabled. However, if you are the only one that has access to their vars.dat and passwords.dat files, etc, let us know and we can disable the merchant security feature for you and this feature would then work with the Mall Version.

When a customer purchases an item via "Secure Online Credit Card Transaction", if one of the custom descriptive fields contains any phrase found in the left field of the "passwords.dat" file, the cart will email them the special instructions of the corresponding right field(s) of the passwords.dat file. Example:
<INPUT TYPE=HIDDEN NAME="custom3" VALUE="Super Software Download">
If you had the above tag in one of your product forms, and your customer purchased the item via "Secure Online Credit Card Transaction" or "Online Check Draft" they would receive the special info found in the passwords.dat file. You may put as many lines in your passwords.dat file as you wish. If you are sending URLs it is recommended to leave PV#72 blank when using the Sell Passwords feature so as to avoid problems with the way the email receipts are formatted.

If you are using multi-item forms with the Sell Passwords feature, be sure to set the phrase that triggers the passwords.dat file in fields 5, 6 or 7. Example:
<INPUT TYPE=CHECKBOX NAME="multi-item1" VALUE="A Software Program|9.95|1|software.jpg|Super Software Download">
Then in your passwords.dat file you would put:
Super Software Download|Download now here: "http://www.YourName.com/special/" The password is: #random_password#

A .htpasswd toolkit can be found here:
https://www.dansie.net/htpasswd_toolkit.zip

Limited Quantity Inventory

The Dansie Shopping Cart can keep track of the remaining items in stock that you have limited quantities of. Like rare sports cards and antiques. It will decrement a data file like you see below every time someone orders an item with that name.

Mens Tie|10
Gift Basket|20
SuperWuper Widget|1

Notice that it has two fields on each line separated by the "|" character. When a customer purchases an item that matches the name in the field on the left, the cart will decrement the number in it's corresponding field on the right. When that item hits zero, and another customer tries to put that item in the cart, the cart will give the customer a message that this item is out of stock. You may put as many items and quantities in your "limited.dat" file as you wish. To utilize this feature, just create a data file called "limited.dat", put it in the same directory that your vars.dat file is in and chmod it 777 so it's writable. Remember, you must put the name of the item in the field on the left. Not the stock number. Also, it is case sensitive.

Note: If a customer selects any payment method such as "Credit Card Transaction via Telephone" or "Check or Money Order" the cart will decrement limited quantity items even if the customer doesn't call to submit their credit card number or send you their check. Also, if two visitors to your site put the last of an item into their cart at the same time, there is the possibility that both orders will go through without one of them getting the "item is out of stock" message. But over all, it will prevent mass numbers of orders for items that are out of stock.

One of a kind and backorderable items (cart.pl version 3.71+)

One of a kind and backorderable items can be denoted with a third field like so:

Mens Tie|10|1
Gift Basket|20|0
SuperWuper Widget|1|0

0 = The item is one of a kind or not backorderable. You don't plan on getting any more in stock, when they're gone, they're gone. The cart wont sell the item once it reaches zero quantity in stock.

1 = The item is backorderable. Even if you run out, you can purchase more, but you want your customer to know there may be a delay in shipping. The cart will still sell the item to your customer. You can adjust the language the cart uses in lang.dat #180

So in the above database example, the Men's Tie is backorderable, but the Gift Basket and the SuperWuper Widget are not. The cart will send an email once per day (if any changes have been made to the limited.dat file) to the first email address set in PV#2 with a summary of the Limited Quantity Inventory items.

Restricting Payment Options and Shipping Methods

The Dansie Shopping Cart version 3.42+ can restrict the shopper to certain payment options and shipping methods when certain items are placed into the cart. This can help, for example, if you sell frozen food and only want them to use an overnight shipping method.

To utilize this feature, just create a data file called "restrict.dat" and put it in the same directory that your vars.dat file is in. Example of a restrict.dat file:

SuperWuper Widget|payment_options|1,2,3,6
SuperWuper Widget|shipping_methods|2,3

Notice that it has three fields on each line separated by the "|" character. When a customer puts an item into the cart that matches the name in the first field, the cart will remove all payment options and shipping methods except the ones you explicitly allow in the third field. You may list as many items and quantities in your "restrict.dat" file as you wish. Remember, you must put the name of the item in the field on the left. Not the stock number. Also, it is case sensitive. Valid values for the second field are "payment_options" and "shipping_methods".

In the above example the item with the name "SuperWuper Widget" has it's payment options restricted to 1,2,3,6. The numbers for each payment option are listed here:

Credit card payment option (PV#24)........ 1
Telephone payment option (PV#25).......... 2
Check or money order (PV#26).............. 3
Check draft (PV#42)....................... 4
COD (PV#45)............................... 5
Auxiliary payment option (PV#62).......... 6
Aux processor payment option (PV#71)...... 7
2nd Aux processor payment option (PV#81).. 8

If you have PV#27 set to 1 (shipping by weight or unit), the restrict.dat file will regard the shipping methods listed in PV#29. For example, if you have PV#29 set like so:
29 -->Standard UPS,3 day UPS,2 day UPS,Next day UPS,Europe,Australia
the restrict.dat file would cause only the "3 day UPS" and "2 day UPS" shipping methods to be available.

If you have PV#27 set to 2 (shipping according to subtotal), the restrict.dat file will regard the shipping methods listed in PV#34. For example, if you have PV#34 set like so:
34 -->USA,Canada,U.S. Territories
the restrict.dat file would cause only the "Canada" and "U.S. Territories" shipping methods to be available.



Affiliate Programs:

The Dansie Shopping Cart can work with affiliate programs such as www.commission-junction.com, www.clicktrade.com, www.affiliatetracking.net and others that use IMG tag calls.

• Put an IMG tag in Personal Variable #6 in your vars.dat file like so:
  <IMG SRC="https://www.affiliate.com/cgi-bin/log.pl?
  AMOUNT=#subtotal#&OID=#orderid#&NAME=#name#&EMAIL=#email#&ORDERTYPE=#ordertype#&REFERRER=#referrer#">
• Replace "https://www.affiliate.com/cgi-bin/log.pl" with the URL to your affiliate script.
• The cart will automatically replace #subtotal#, #orderid#, #name#, #email#, #ordertype# and #referrer# with the real subtotal, customer/shopper ID, customer's name, customer's email address, the purchase method they chose and Referral Tracking ID. You need not use all these, just the ones your affiliate needs.
• Replace AMOUNT, OID, NAME, EMAIL and ORDERTYPE with the variable names that your affiliate uses.
• After an order is placed, the Dansie Shopping Cart will display the guarantee statement in Personal Variable #6 on the receipt page which will call the affiliate script.
• The cart will work with Google AdWords as well. Just copy and paste the <NOSCRIPT> portion of the Google code into PV#6. Omit the NOSCRIPT tags. So you should be pasting just one IMG tag in PV#6.

Order Tracking
See PV#69.

1. Create a directory in your cgi-bin with the merchants name and chmod it 777. Example: "merchant1". This directory must be located in the same directory as your cart.pl script. Use letters and numbers and no spaces or special characters.
2. Upload a vars.dat file and a lang.dat file into that new directory (merchant1).
3. Point your browser at the cart like so: http://www.YourName.com/cgi-bin/cart.pl?test|merchant1
   The query string here is "test" followed by the "|" character, followed by the merchants name (directory name). A "temp" directory and shopperid.dat file should be automatically created in this new directory. If not, create them manually via FTP.

<INPUT TYPE=HIDDEN NAME=merchant VALUE="MerchantNameHere">

http://www.YourName.com/cgi-bin/cart.pl?db=stuff.dat&Category=Books&merchant=MerchantNameHere
Instead of:
http://www.YourName.com/cgi-bin/cart.pl?db=stuff.dat&Category=Books

The Dansie Shopping Cart Mall Version has a built-in web based upload utility feature that allows merchants to upload their vars.dat and lang.dat files 24 hours a day without bugging you. To access your Mall Merchant Upload Control Panel, just point your browser at your cart.pl script with the "login" query string like so:
http://www.YourName.com/cgi-bin/cart.pl?login

If you have a site security certificate, your hosted merchants can upload and download information securely too. Just set Host Variable #14 with the "https" URL to the cart.pl script.

In order to allow your merchants web based upload access to their directory, you will need to place a file in your cgi-bin called "merchant_passwords.dat". This plain text file will look like this:

200000
moe|123abc
larry|dkWE3d|400000
curly|hhh555|50000

Use the "|" pipe delimiter to separate the fields. The first line will set the default directory size limit that you will allow to each merchant to have. Only one field goes on this line. The rest of the lines may have either two or three fields. The first field in each line is the merchants name. This must match the name of the merchants directory exactly. The second field is the merchants password. The third field is optional. It allows you to adjust the directory size limit for that merchant. In this example, Moe's third field is not defined, so he gets the default value that is in the first line of the "merchant_passwords.dat" file. Larry's third field has 400000 in it so he gets twice the default size limit to host his files with. Curly's third field is defined as well, but it says 50000. He will only have one-fourth the default allotted space.

• For security reasons, the following variables are automatically set for mall merchants because they have the ability to write to files on the host: HV#8, HV#9, HV#10. The default location of these variables is a system path to the merchants directory.
• For security reasons, the following variables are restricted to being set to a system path inside the merchants own directory or a subdirectory thereof: SSV#8, DBV#1. For example, if one of your merchants directories are here:
  /usr/local/etc/httpd/cgi-bin/cart/acme
  and your "acme" merchant tries to set SSV#8 to:
  /usr/local/etc/httpd/index.html
  the cart.pl script will NOT write to that location. It will only write to the acme directory or sub directories thereof.
  For security reasons it's recommended to set DBV#1 to a different directory that you don't have anything in except your database files. Example:
  -->/system/path/to/cgi-bin/MerchantName/databases
  A merchant may set DBV#1 to a system path to a subdirectory inside their directory. The cart will not permit them to set DBV#1 to a system path outside their directory.
• For security reasons, the following variables are automatically set for mall merchants because they have the ability to execute programs on the host: HV#6, HV#7. The cart.pl script will grab the values of these variables from the default master vars.dat file in your cgi-bin.
• For security reasons, the following variables are limited and if set with a file name, the cart will only look for that file in the same directory that the merchant's vars.dat file is located. A system path will be disregarded. PV#69, PV#80, DBV#22, DBV#27. Put a tracking.dat file in the merchants directory, make sure permissions on it are writable, and the Order Tracking feature will begin working.
• For security reasons, the Sell Passwords feature (passwords.dat) does not allow merchants to append to files on the server outside of their directory or a subdirectory thereof.
• For simplicity reasons, the following variable is disabled and automatically set for all merchants: HV#1. If your merchant sets it incorrectly, their cart will still operate because the cart.pl script will grab the values of this variable from the default master vars.dat file in your cgi-bin.
• You can run diagnostics on the merchants with:
  http://www.YourName.com/cgi-bin/cart.pl?test|MerchantName
  http://www.YourName.com/cgi-bin/cart.pl?vars|MerchantName
  http://www.YourName.com/cgi-bin/cart.pl?lang|MerchantName
  http://www.YourName.com/cgi-bin/cart.pl?write_test|MerchantName
  To view your cart contents with a merchant, use:
  http://www.YourName.com/cgi-bin/cart.pl?look|MerchantName
  Or:
  http://www.YourName.com/cgi-bin/cart.pl?look&merchant=MerchantName
  

1. Unzip the zip package and rename the new "cart.pl" script to "cart_new.pl".
2. Upload the new cart_new.pl script into your cgi-bin in ASCII format (not binary format) and chmod it 755 if on a Unix host.
3. Test your cart by pointing your browser at it.
   http://www.YourName.com/cgi-bin/cart_new.pl?test
   
   • If you get an Internal Server Error, try changing the very first line in the cart_new.pl script from:
     #!/usr/bin/perl
     To:
     #!/usr/local/bin/perl
     
   • If all works fine then delete the old "cart.pl" script in your cgi-bin directory then, rename "cart_new.pl" to "cart.pl".
     
   • If you need any help upgrading, don't hesitate to ask. cart@dansie.net You can securely send us your FTP info here:
     https://www.dansie.net/ftp-secure/
     
4. If you use the ssl.pl script, follow the same instructions above for "cart.pl".
   • Take any custom variable settings you set near the top of your old ssl.pl script and be sure to maintain them in the new one.
   • Set your server's sendmail path near the top of the ssl.pl script so you can receive email from it.
5. Look for any new variables in the new lang.dat file and copy and paste them into your old one.
6. Look for any new variables in the new vars.dat file and copy and paste them into your old one (in the respective four sections).
7. Refer to the new ReadMe for instructions on how to take advantage of the latest new variables. Discard your old ReadMe.