#!/usr/bin/perl

use strict;
use CGI;
use DBI;

my $msg;
print "Content-type: text/html\n\n";
my $thanks = CGI::param('thanks');
if ($thanks == "true") {
    $msg = "<font color=red>Thank you for your order</font>";
}
my $dbdatabase = "aacaffeine";
my $dbserver = "localhost";
my $dbuser = "root";
my $dbpassword = "";
my $id = CGI::param('id');

my $dbh = DBI->connect("DBI:mysql:$dbdatabase:$dbserver", $dbuser, $dbpassword);
my $query = "SELECT * FROM products ORDER BY productname";
my $sth = $dbh->prepare($query);

$sth->execute();
my ($productname, $productdesc, $productprice, $productid);
$sth->bind_columns(undef, \$productname, \$productdesc, \$productprice, \$productid);

print "<html><body text=black bgcolor=white><form action=buy.cgi method=post><center><img src='img/tcc.jpg'><br>$msg<br><table border=1>\n";

while ($sth->fetch()) {
    print "<tr><td><img src='img/$productid.jpg'></td><td>$productname</td><td>$productdesc</td><td>$productprice</td><td><a href='buy.cgi?id=$productid'>Buy</a></td></tr>\n";
}

print "</table></center></body></html>\n";

$sth->finish();
$dbh->disconnect();