<?php
include_once ('php/hosting.php');
include_once ('php/constants.php');
include_once ('php/sessions_db.php');
include_once ('php/cryptor.php');
include_once ('php/tools.php');
include_once ('php/clsLibGTIN.php');
include_once ("php/NonceUtil.php");
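// Report every notice and warning.
// NOTE(review): whether these reach the client depends on display_errors, which is
// configured outside this file - confirm it is off in production.
error_reporting(E_ALL);

// Sectioned INI file; the 'cryptor', 'mysqli' and 'system' sections are consumed below.
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
// Only a value that compares greater than zero is forwarded to the session handler.
// NOTE(review): this is a loose comparison on raw POST data, so the forwarded value is
// not guaranteed to be an integer - confirm MySessionHandler validates it.
$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$systemConf = $configFile['system'];
// The full parsed configuration is not needed past this point.
unset($configFile);

// Seven-day cookie for the whole site, flagged Secure and HttpOnly.
session_set_cookie_params(604800, '/', '.findcheapmusic.com', true, true);
session_set_save_handler($handler, true);
if (!empty($_COOKIE['PHPSESSID'])) {
    // The session id is taken verbatim from the client's cookie.
    // NOTE(review): confirm session.use_strict_mode is enabled and that MySessionHandler
    // refuses ids it did not issue; everything that later reads session_id() should
    // treat it as client-controlled data.
    session_id($_COOKIE['PHPSESSID']);
}
session_start();

initSessionVariables();

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Request gate: a POST without a nonce that NonceUtil accepts is dropped silently.
    if (!getPGV("nonce") || NonceUtil::check($systemConf["nonce_secret"], getPGV("nonce")) === false) {
        exit;
    }

    $barcode = getPGV("barcode");
    // A POST that carries a valid nonce but no "submit" field used to raise an
    // undefined-index notice; read the field defensively instead.
    $action = isset($_POST["submit"]) ? $_POST["submit"] : null;

    if ($action === "check") {
        if (empty($barcode) || !is_numeric($barcode) || strlen($barcode) > 14 || strlen($barcode) < 8) {
            myExit("Invalid Barcode", null, true);
        }

        $type = clsLibGTIN::GTINCheck($barcode, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode);
        if (!$type) {
            myExit("Barcode does not have a valid check digit", null, true);
        } else {
            // myExit() prints its message as raw HTML, so the library output is encoded here.
            $label = htmlspecialchars($type . " " . $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            myExit("Valid barcode<br>" . $label, $value);
        }
    } else if ($action === "calc") {
        // Same numeric guard as the "check" branch: before this, a non-numeric (or array)
        // barcode went straight into strlen() and the GTIN library, and the library's
        // result was echoed back into the page.
        if (empty($barcode) || !is_numeric($barcode) || strlen($barcode) > 13 || strlen($barcode) < 8) {
            myExit("Invalid Barcode", null, true);
        }

        $type = clsLibGTIN::GTINCheck($barcode, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode);
        if ($type) {
            $label = htmlspecialchars($type . " " . $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            myExit("Barcode already has a valid check digit" . "<br>" . $label, $value);
        }
        $res = $checkDigit = clsLibGTIN::GTINCalcCheckDigit($barcode);
        // NOTE(review): a computed check digit of 0 (or "0") is falsy and would be reported
        // as "Invalid Barcode" here - confirm what GTINCalcCheckDigit returns on failure
        // before tightening this test.
        if (!$res) {
            myExit("Invalid Barcode", null, true);
        }
        $type = clsLibGTIN::GTINCheck($barcode . $checkDigit, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode . $checkDigit);
        $digitText = htmlspecialchars((string) $checkDigit, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $label = htmlspecialchars($type . " " . $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        myExit("Check Digit is " . $digitText . "<br>" . $label, $value);
    }
}

// Reached for non-POST requests and for POSTs whose action matched neither branch.
MySessionHandler::commit(session_id());
exit;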
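/**
 * Print the result fragment for the barcode tool, commit the session and end the request.
 *
 * On success a hidden search form pre-filled with $value is appended and the
 * lookup is recorded through saveBarcodeSearch().
 *
 * @param string $msg     Message markup. It is emitted as raw HTML (callers embed <br>),
 *                        so any request-derived text inside it must already be encoded.
 * @param mixed  $value   Barcode value placed in the search form; ignored when $isError is true.
 * @param bool   $isError Selects the text-danger style and suppresses the form and the logging.
 *
 * This function never returns: it always calls exit.
 */
function myExit($msg, $value, $isError = false) {
    echo '<span class="' . ($isError ? 'text-danger' : 'text-success') . '">' . $msg . '</span>';
    if (!$isError) {
        // $value originates from the submitted barcode and the session tab from POST data;
        // both land inside attribute values, so encode them for that context instead of
        // relying on upstream checks.
        $safeValue = htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $safeTab = htmlspecialchars((string) MySessionHandler::getSessionTab(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        echo '<div class="mt-3">';
        echo '<form id="barcodeSearchForm" method="post" action="/index.php">';
        echo '<input type="hidden" name="sessionTab" value="' . $safeTab . '" />';
        echo '<input id="barcodeSearchTerm" type="hidden" name="searchTerm" value="' . $safeValue . '" />';
        echo '<button id="barcodeSearchBtn" type="submit" class="btn btn-success" name="submit" value="Search">Search ' . $safeValue . '</button>';
        echo '</form>';
        echo '</div>';
        // The unencoded value is what gets stored; HTML encoding is for output only.
        saveBarcodeSearch($value);
    }
    MySessionHandler::commit(session_id());
    exit;
}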
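/**
 * Record a successful barcode lookup in the barcodeChecks table.
 *
 * Stores the session id, the current Unix time, the packed client address,
 * the barcode and the logged-in user id (NULL when there is none).
 * Failures are logged and otherwise ignored, so the caller's output is unaffected.
 *
 * @param mixed $value Barcode value to store.
 */
function saveBarcodeSearch($value) {
    $_sess_db = MySessionHandler::getDBSessionId();

    // Every value is bound as a parameter. The previous string-built statement embedded
    // session_id() and the user id unescaped, and the packed address from inet_pton() is
    // raw binary: any address containing a quote or backslash byte corrupted the SQL text.
    $sessId = session_id();
    $access = (string) time();
    $barcode = (string) $value;
    $userId = (empty($_SESSION['sessData']['userID']) ? null : (string) $_SESSION['sessData']['userID']);
    $packedIp = inet_pton($_SERVER['REMOTE_ADDR']);
    // inet_pton() returns false for an unparsable address; store an empty string as before.
    $ip = ($packedIp === false ? '' : $packedIp);

    $sql = "INSERT
              INTO barcodeChecks
                   (sessId, access, ip, barcode, userId)
            VALUES (?, ?, ?, ?, ?)";

    $stmt = mysqli_prepare($_sess_db, $sql);
    if (!$stmt) {
        error_log("Error: " . $sql . " | " . mysqli_error($_sess_db));
        return;
    }

    // NOTE(review): all columns are bound as strings, matching the quoted literals the
    // old statement sent; switch to 'i' where the schema uses integer columns.
    mysqli_stmt_bind_param($stmt, 'sssss', $sessId, $access, $ip, $barcode, $userId);

    if (!mysqli_stmt_execute($stmt)) {
        // Only the statement template is logged, so session ids and client data
        // no longer end up in the error log.
        error_log("Error: " . $sql . " | " . mysqli_stmt_error($stmt));
    }
    mysqli_stmt_close($stmt);
}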