| 2 |
- |
1 |
<?php
|
| 7 |
- |
2 |
include_once('php/sessions_db.php');
|
|
|
3 |
include_once('php/cryptor.php');
|
| 9 |
- |
4 |
include_once('php/vendors.php');
|
| 7 |
- |
5 |
|
| 9 |
- |
6 |
error_reporting(E_ALL);
|
|
|
7 |
|
| 2 |
- |
8 |
if ($_SERVER["SERVER_NAME"] == "www.findcheapmusic.com") {
|
| 5 |
- |
9 |
header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
|
|
|
10 |
header("X-Content-Type-Options: nosniff");
|
|
|
11 |
header("X-XSS-Protection: 1; mode=block");
|
|
|
12 |
header("Access-Control-Allow-Origin: *");
|
|
|
13 |
header("Referrer-Policy: no-referrer");
|
|
|
14 |
header("X-Frame-Options: SAMEORIGIN");
|
|
|
15 |
header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");
|
| 10 |
- |
16 |
header("Content-Security-Policy: default-src 'none'; font-src https://use.fontawesome.com; form-action 'self'; img-src 'self' data: https://img.discogs.com https://thumbs1.ebaystatic.com https://thumbs2.ebaystatic.com https://thumbs3.ebaystatic.com https://thumbs4.ebaystatic.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ https://use.fontawesome.com/releases/v5.8.1/css/;frame-ancestors 'self'");
|
| 2 |
- |
17 |
}
|
|
|
18 |
|
| 7 |
- |
19 |
$configFile = parse_ini_file("../MyFiles/config/cheapmusic.ini",true);
|
|
|
20 |
$crypt = Cryptor::getInstance($configFile['cryptor']);
|
|
|
21 |
$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);
|
|
|
22 |
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
|
| 9 |
- |
23 |
$vendors = Vendors::getInstance();
|
|
|
24 |
$vendors->setVendor($configFile['ebay'], Vendors::EBAY);
|
|
|
25 |
$vendors->setVendor($configFile['discogs'], Vendors::DISCOGS);
|
| 7 |
- |
26 |
unset($configFile);
|
|
|
27 |
|
| 2 |
- |
28 |
ini_set("session.cookie_httponly", 1);
|
|
|
29 |
ini_set("session.cookie_secure", 1);
|
| 7 |
- |
30 |
session_set_save_handler($handler, true);
|
| 2 |
- |
31 |
session_start();
|
|
|
32 |
?>
|
|
|
33 |
<!DOCTYPE html>
|
|
|
34 |
<html lang="en-US">
|
|
|
35 |
<head>
|
|
|
36 |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
|
37 |
<title>Find Cheap Music...</title>
|
|
|
38 |
<meta name="viewport" content="width=device-width, initial-scale=1">
|
|
|
39 |
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
|
|
|
40 |
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js" integrity="sha384-JUMjoW8OzDJw4oFpWIB2Bu/c6768ObEthBMVSiIx4ruBIEdyNSUQAjJNFqT5pnJ6" crossorigin="anonymous"></script>
|
|
|
41 |
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
|
|
|
42 |
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
|
| 6 |
- |
43 |
<link rel="stylesheet" href="css/style.min.css" integrity="sha384-zfDdfwK/GMKsN/HIVw5QfYNpAuPYAhtEwYs/IFiDiboUBjXRjHpjPt1gdNtJgAWA" crossorigin="anonymous">
|
| 3 |
- |
44 |
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.1/css/all.css" integrity="sha384-50oBUHEmvpQ+1lW4y57PTFmhCaXp0ML5d60M1M7uH2+nqUivzIebhndOJK28anvf" crossorigin="anonymous">
|
| 2 |
- |
45 |
<!-- Global site tag (gtag.js) - Google Analytics -->
|
|
|
46 |
<!--script async src="https://www.googletagmanager.com/gtag/js?id=UA-138428761-2"></script-->
|
|
|
47 |
<!--script src="/js/gtag.js" integrity="sha384-ZoAmOe9K3AXr6ONEK6njtE/HMsMvyjck9EfsgXdZLG7rEiz5GqXEk3RQc2cFIRNY" crossorigin="anonymous"></script-->
|
|
|
48 |
</head>
|
|
|
49 |
<body>
|
|
|
50 |
|
|
|
51 |
<?php
|
|
|
52 |
include_once('php/tools.php');
|
|
|
53 |
|
| 5 |
- |
54 |
initSessionVariables();
|
| 2 |
- |
55 |
|
|
|
56 |
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
| 5 |
- |
57 |
if ($_POST["submit"] == "Search") {
|
|
|
58 |
$zip = sanitizeInput($_POST['buyerZip']);
|
|
|
59 |
if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
|
|
|
60 |
$_SESSION["buyer"]["Zip"] = $zip;
|
|
|
61 |
} else if (strlen($zip) == 0) {
|
|
|
62 |
$_SESSION["buyer"]["Zip"] = "";
|
|
|
63 |
}
|
| 2 |
- |
64 |
|
| 9 |
- |
65 |
$searchTerm = sanitizeInput($_POST['searchTerm']);
|
|
|
66 |
if (empty($searchTerm)) {
|
|
|
67 |
resetSessionVars();
|
| 5 |
- |
68 |
} else {
|
| 9 |
- |
69 |
$_SESSION["searchTerm"] = $searchTerm;
|
| 2 |
- |
70 |
|
| 5 |
- |
71 |
if (checkSearchFilters()) {
|
|
|
72 |
performSearch();
|
|
|
73 |
}
|
|
|
74 |
}
|
|
|
75 |
} else if ($_POST["submit"] == "Save") {
|
|
|
76 |
$_SESSION["filterCondition"]["New"] = checkPV("filterConditionNew");
|
|
|
77 |
$_SESSION["filterCondition"]["Used"] = checkPV("filterConditionUsed");
|
|
|
78 |
$_SESSION["filterMediaType"]["CD"] = checkPV("filterMediaTypeCD");
|
|
|
79 |
$_SESSION["filterMediaType"]["Record"] = checkPV("filterMediaTypeRecord");
|
|
|
80 |
$_SESSION["filterMediaType"]["Digital"] = checkPV("filterMediaTypeDigital");
|
| 2 |
- |
81 |
|
| 5 |
- |
82 |
if (checkSearchFilters()) {
|
|
|
83 |
performSearch();
|
|
|
84 |
}
|
|
|
85 |
} else if (in_array($_POST["submit"], $buttonArr)) {
|
|
|
86 |
$_SESSION["currentView"] = $_POST["submit"];
|
|
|
87 |
filterResults();
|
|
|
88 |
}
|
|
|
89 |
} else if ($_SERVER["REQUEST_METHOD"] == "GET") {
|
|
|
90 |
if (isset($_GET['z'])) {
|
| 9 |
- |
91 |
$_SESSION["buyer"]["Zip"] = "";
|
| 5 |
- |
92 |
$zip = sanitizeInput($_GET['z']);
|
|
|
93 |
if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
|
|
|
94 |
$_SESSION["buyer"]["Zip"] = $zip;
|
|
|
95 |
}
|
|
|
96 |
}
|
| 2 |
- |
97 |
|
| 9 |
- |
98 |
$_SESSION["searchTerm"] = "";
|
| 5 |
- |
99 |
if (isset($_GET['q'])) {
|
|
|
100 |
$_SESSION["searchTerm"] = sanitizeInput($_GET["q"]);
|
|
|
101 |
if (checkSearchFilters()) {
|
|
|
102 |
performSearch();
|
|
|
103 |
}
|
|
|
104 |
}
|
| 2 |
- |
105 |
}
|
|
|
106 |
?>
|
|
|
107 |
|
|
|
108 |
<nav class="navbar navbar-expand-sm bg-dark navbar-dark">
|
|
|
109 |
<a class="navbar-brand" href="#">Home</a>
|
|
|
110 |
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">
|
|
|
111 |
<span class="navbar-toggler-icon"></span>
|
|
|
112 |
</button>
|
|
|
113 |
<div class="collapse navbar-collapse" id="collapsibleNavbar">
|
|
|
114 |
<ul class="navbar-nav">
|
|
|
115 |
<li class="nav-item">
|
| 9 |
- |
116 |
<a class="nav-link" href="terms.php">Terms of Service</a>
|
| 2 |
- |
117 |
</li>
|
|
|
118 |
<li class="nav-item">
|
| 9 |
- |
119 |
<a class="nav-link" href="privacy.php">Privacy Policy</a>
|
| 2 |
- |
120 |
</li>
|
|
|
121 |
</ul>
|
|
|
122 |
</div>
|
|
|
123 |
</nav>
|
|
|
124 |
|
| 3 |
- |
125 |
<div class="page-header bg-primary">
|
|
|
126 |
<div class="container text-center py-3">
|
| 2 |
- |
127 |
<h1>Find Cheap Music...</h1>
|
| 4 |
- |
128 |
<p class="d-none d-sm-block">Find the cheapest music online. Advertisement free website.</p>
|
| 2 |
- |
129 |
</div>
|
|
|
130 |
</div>
|
|
|
131 |
|
| 3 |
- |
132 |
<div class="container-fluid bg-primary py-3">
|
| 5 |
- |
133 |
<?php
|
|
|
134 |
echo $_SESSION["filterWarnings"];
|
|
|
135 |
?>
|
| 2 |
- |
136 |
<form method="post" action="/index.php"
|
|
|
137 |
onsubmit="document.getElementById('search').innerHTML = '<span class=\'spinner-border spinner-border-sm\'></span> Searching, please wait...';">
|
| 11 |
- |
138 |
<input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo $handler->getSessionTab(); ?>">
|
| 2 |
- |
139 |
<div class="input-group mb-3">
|
|
|
140 |
<div class="input-group-prepend">
|
| 4 |
- |
141 |
<div class="d-none d-sm-block">
|
|
|
142 |
<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal"><i class="fas fa-info-circle" style="font-size:25px"></i></button>
|
|
|
143 |
</div>
|
|
|
144 |
<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#filterModal" data-keyboard="false"><i class="fas fa-filter" style='font-size:25px'></i></button>
|
| 2 |
- |
145 |
</div>
|
| 5 |
- |
146 |
<input id="searchTerm" name="searchTerm" type="text" class="form-control ml-1" placeholder="Search by Barcode, Label, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">
|
| 2 |
- |
147 |
<div class="input-group-append">
|
|
|
148 |
<button id="search" type="submit" class="btn btn-success" name="submit" value="Search">Go</button>
|
|
|
149 |
</div>
|
|
|
150 |
</div>
|
| 4 |
- |
151 |
<div class="input-group input-group-sm mb-3 col-xl-5 col-lg-7 col-md-12 col-sm-12 col-12">
|
| 2 |
- |
152 |
<div class="input-group-prepend input-group-sm">
|
| 4 |
- |
153 |
<!--span class="input-group-text mx-1">Shipping to:</span-->
|
|
|
154 |
<label class="mr-2">Shipping to:</label>
|
| 2 |
- |
155 |
</div>
|
| 4 |
- |
156 |
<div class="d-none d-sm-inline-flex">
|
|
|
157 |
<input type="text" class="form-control form-control-sm mx-1" maxlength="20" style="width:12em!important" id="buyerCountry" name="buyerCountry" value="United States" readonly>
|
|
|
158 |
<input type="text" class="form-control form-control-sm mx-1" maxlength="3" style="width:3.5em!important" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>
|
|
|
159 |
</div>
|
| 5 |
- |
160 |
<input type="text" class="form-control form-control-sm mx-1" maxlength="5" style="width:2.5em!important" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo $_SESSION["buyer"]["Zip"];?>">
|
| 2 |
- |
161 |
<?php
|
| 5 |
- |
162 |
if ($_SESSION["buyer"]["Zip"] == '') {
|
| 4 |
- |
163 |
echo '<div class="input-group-append input-group-sm mx-1 rounded">';
|
| 5 |
- |
164 |
echo ' <i class="fas fa-exclamation-triangle input-group-text img-fluid rounded" style="font-size:14px;color:orange;" title="Please enter your postal code to get the accurate shipping cost for items listed using a shipping rate table." data-toggle="tooltip" data-placement="auto" data-delay="100"></i>';
|
|
|
165 |
echo '</div>';
|
|
|
166 |
}
|
| 2 |
- |
167 |
?>
|
|
|
168 |
</div>
|
|
|
169 |
</form>
|
|
|
170 |
</div>
|
|
|
171 |
|
| 5 |
- |
172 |
<?php
|
| 10 |
- |
173 |
|
|
|
174 |
include_once('php/discogs.php');
|
|
|
175 |
findDiscogsMaster($_SESSION["searchTerm"]);
|
|
|
176 |
echo $_SESSION["discogs"];
|
|
|
177 |
|
| 9 |
- |
178 |
if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
|
| 11 |
- |
179 |
echo "<div id=\"productTable\">";
|
| 9 |
- |
180 |
echo printTableHeader();
|
|
|
181 |
echo buildTable();
|
| 11 |
- |
182 |
echo "</div>";
|
| 9 |
- |
183 |
}
|
| 5 |
- |
184 |
echo printSearchFilterModal();
|
|
|
185 |
echo printSearchInfoModal();
|
|
|
186 |
?>
|
| 2 |
- |
187 |
|
|
|
188 |
<footer class="container-fluid text-center">
|
|
|
189 |
<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>
|
| 9 |
- |
190 |
<p>Copyright © <?php echo date("Y"); ?> FindCheapMusic.com. All rights reserved.</p>
|
| 2 |
- |
191 |
</footer>
|
|
|
192 |
|
| 11 |
- |
193 |
<script src="/js/dr.min.js" integrity="sha384-dxd4PdwnWxgxHO8a50F7CizVhl9/GaPSQHyOtYUzpZYBvTgiWLRLj6rQYc/w1vNF" crossorigin="anonymous"></script>
|
| 2 |
- |
194 |
</body>
|
|
|
195 |
</html>
|