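<?php

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/hosting.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");

error_reporting(E_ALL);

// ---------------------------------------------------------------------------
// Page-local helpers (prefixed fcm* so they cannot clash with the libraries
// included above). The two user branches, the ZIP handling and the search
// dispatch used to be copy-pasted; they now share these.
// ---------------------------------------------------------------------------

/**
 * Fetch one user row by primary key through the login package's User model.
 *
 * The login includes (config.php, User.class.php, password.php) must already
 * have been required at file scope by the caller: requiring them inside this
 * function would turn any plain variables config.php defines into locals.
 *
 * @param mixed $userId value matched against the `id` column
 * @return mixed whatever User::getRows() returns for return_type 'single'
 *               (falsy when no row matches)
 */
function fcmLoadUserRow($userId)
{
    $user = new User();
    $conditions = [
        'where' => ['id' => $userId],
        'return_type' => 'single',
    ];
    return $user->getRows($conditions);
}

/**
 * Copy a user's stored preferences into the session.
 *
 * The layout is always applied; the buyer/filter defaults are only applied
 * when the visitor has not overridden them in this session (manualFilter).
 *
 * @param array  $userData  row returned by fcmLoadUserRow()
 * @param string $userTheme receives $userData['theme'] (by reference)
 * @return mixed result of getUserImage($userData), consumed by navigationPane()
 */
function fcmApplyUserPreferences(array $userData, &$userTheme)
{
    $userPicture = getUserImage($userData);
    $userTheme = $userData['theme'];
    $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');

    if (empty($_SESSION["manualFilter"])) {
        $_SESSION['buyer']['Zip'] = $userData['zip'];
        $_SESSION['buyer']['Country'] = 'United States';
        $_SESSION['buyer']['Currency'] = 'USD';
        $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
        $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
        $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
        $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
        $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
        $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
    }

    return $userPicture;
}

/**
 * Validate a ZIP code taken from request input.
 *
 * @param mixed $raw the request value (may be absent or empty)
 * @return string|null "" when nothing was supplied, the five-digit ZIP when
 *                     valid, null when a value was supplied but is not a ZIP
 */
function fcmParseZip($raw)
{
    $zip = (empty($raw) ? "" : (string) sanitizeInput($raw));
    if (strlen($zip) == 0) {
        return "";
    }
    // Exactly five ASCII digits. The former check (strlen == 5 plus
    // /^[0-9 ]*$/) accepted embedded spaces and, because PCRE's $ also
    // matches before a trailing newline, a value such as "1234\n"; the D
    // modifier closes that gap.
    return (preg_match('/^[0-9]{5}$/D', $zip) === 1) ? $zip : null;
}

/**
 * Read a checkbox group from $_POST as a list, whether the browser sent
 * zero, one or several values.
 *
 * @param string $key POST field name
 * @return array list of submitted values (possibly empty)
 */
function fcmPostedList($key)
{
    if (!isset($_POST[$key])) {
        return [];
    }
    return is_array($_POST[$key]) ? $_POST[$key] : [$_POST[$key]];
}

/**
 * Run the product search for an already normalised term, or clear the
 * previous results when the term is empty.
 *
 * @param string $searchTerm output of searchFriendlyString(), or ""
 */
function fcmRunSearch($searchTerm)
{
    if (empty($searchTerm)) {
        resetSessionVars();
        return;
    }
    $_SESSION["searchTerm"] = $searchTerm;
    performSearch();
}

/**
 * The session's CSP nonce in the base64 form that inline markup expects.
 *
 * @return string
 */
function fcmScriptNonce()
{
    return base64_encode($_SESSION["nonce"]);
}

/**
 * Load a static HTML snippet and stamp the CSP nonce onto its <script> tags.
 *
 * @param string $path path relative to the current working directory
 * @return string the snippet, or "" when the file could not be read
 */
function fcmNoncedSnippet($path)
{
    $snip = file_get_contents($path);
    return str_replace("<script>", "<script nonce=\"" . fcmScriptNonce() . "\">", $snip);
}

/**
 * The cached Discogs markup with its nonce placeholder filled in.
 *
 * @return string
 */
function fcmDiscogsHtml()
{
    return str_replace("xxxNONCExxx", fcmScriptNonce(), $_SESSION["discogs"]);
}

// ---------------------------------------------------------------------------
// Configuration, session and vendor set-up
// ---------------------------------------------------------------------------

$userData = [];
$userTheme = 'default';
$userPicture = null;

$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
// Optional per-tab session partition; only positive values are honoured.
$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab") : null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$vendors = Vendors::getInstance();
Vendors::setAllVendors($configFile, $vendors);
$systemConf = $configFile['system'];
unset($configFile); // drop the DB and cryptor credentials from scope early

// 7-day cookie scoped to the site domain, Secure + HttpOnly.
// NOTE(review): on PHP >= 7.3 the array form of this call also takes
// 'samesite' => 'Lax'; the positional form is kept because the PHP version
// this runs on is not known here.
session_set_cookie_params(604800, '/', '.' . $systemConf["domain_name"], true, true);
session_set_save_handler($handler, true);
// Refuse session IDs this server never issued (session fixation). The former
// explicit session_id($_COOKIE['PHPSESSID']) adoption is gone: session_start()
// reads the cookie itself, and seeding it by hand accepted any attacker-chosen
// identifier. Strict mode is only enforced for a custom handler that
// implements validateId() -- confirm MySessionHandler does.
ini_set('session.use_strict_mode', '1');
session_start();

initSessionVariables();
$_SESSION["htmlIndent"] = (!empty($systemConf["htmlIndent"]) ? intval($systemConf["htmlIndent"]) : 0);
$_SESSION["gtmId"] = (empty($systemConf["gtmId"]) ? "" : $systemConf["gtmId"]);
// Per-request nonce (30 minute validity); csp.php emits the header built on it.
$_SESSION["nonce"] = NonceUtil::generate($systemConf["nonce_secret"], 1800);
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");

// ---------------------------------------------------------------------------
// Resolve the current user: remember-me cookie first, then an existing login
// ---------------------------------------------------------------------------

if (!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash']) && empty($_SESSION['sessData']['loginType'])) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $userData = fcmLoadUserRow($_COOKIE['rememberUserId']);
    // The remember-me token is a bcrypt of <stored password hash><user id>.
    // NOTE(review): anyone able to read the users table can mint this cookie
    // without knowing a password; a random per-device token stored server-side
    // and rotated on use is the usual design for this.
    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
        $_SESSION['sessData']['userLoggedIn'] = true;
        // Record the id as stored in the database, not the raw cookie string.
        $_SESSION['sessData']['userID'] = $userData['id'];
        // NOTE(review): this is a privilege change, so session_regenerate_id(true)
        // belongs here -- confirm MySessionHandler (per-tab tables, commit()
        // at the bottom of this file) copes with an id change before adding it.
        $userPicture = fcmApplyUserPreferences($userData, $userTheme);
    }
    else {
        unsetSessData();
    }
}
else if (isLoggedIn()) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $userData = fcmLoadUserRow($_SESSION['sessData']['userID']);

    if (!empty($userData)) {
        $userPicture = fcmApplyUserPreferences($userData, $userTheme);
    }
    else {
        // Session claims a user that no longer exists: log it out.
        unsetSessData();
    }
}
else {
    unsetSessData();
}

checkPriceMonitor();

// ---------------------------------------------------------------------------
// Page output
// ---------------------------------------------------------------------------

echo "<!DOCTYPE html>"; // html5

$xh = new Html;
$xh->init($_SESSION["htmlIndent"]);
$xh->add_attribute("lang", "en-US");
$xh->tag('html');
$xh->tag('head');
    $xh->insert_code(headTitle(getPGV('submitBtn')));
    $xh->add_attribute('name', "keywords");
    $xh->add_attribute('content', "Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book");
    $xh->single_tag('meta');
    $xh->insert_code(metaDescription(getPGV('submitBtn')));
    $xh->insert_code(htmlHeader());
    $xh->insert_code(file_get_contents('snippets/fb_tw.txt'));
    $xh->close(); // head
$xh->tag('body');

if (!empty($_SESSION["gtmId"])) {
    // Google Tag Manager no-JS fallback; the nonce keeps it within the CSP.
    $xh->add_attribute('nonce', fcmScriptNonce());
    $xh->tag('noscript');
        $xh->add_attribute("src", "https://www.googletagmanager.com/ns.html?id=" . $_SESSION["gtmId"]);
        $xh->add_attribute("height", "0");
        $xh->add_attribute("width", "0");
        $xh->add_attribute("style", "display:none;visibility:hidden");
        $xh->add_attribute("title", "Tagmanager");
        $xh->tag('iframe', "");
    $xh->close(); // noscript
}

// ---------------------------------------------------------------------------
// Request handling (all user input is normalised before it reaches the session)
// ---------------------------------------------------------------------------

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (empty($_POST["submitBtn"])) {
        $_POST["submitBtn"] = "Search";
    }

    switch ($_POST["submitBtn"]) {
        case "Search":
            // A ZIP typed into the search form only counts while neither the
            // profile nor an earlier manual entry has supplied one.
            if (empty($_SESSION['buyer']['Zip'])) {
                $zip = fcmParseZip(isset($_POST['buyerZip']) ? $_POST['buyerZip'] : null);
                if ($zip === "") {
                    $_SESSION["buyer"]["Zip"] = "";
                }
                else if ($zip !== null) {
                    // The stored ZIP is empty here, so the new one always differs.
                    $_SESSION["manualFilter"] = true;
                    $_SESSION["buyer"]["Zip"] = $zip;
                }
                // malformed input (null) leaves the stored ZIP untouched, as before
            }

            $_SESSION["discogsTitle"] = "";
            $_SESSION["discogsArtist"] = "";
            fcmRunSearch(empty($_POST['searchTerm']) ? "" : searchFriendlyString($_POST['searchTerm']));
            break;

        case "Save":
            $_SESSION["manualFilter"] = true;
            $conditionFilter = fcmPostedList("filterCondition");
            $_SESSION["filterCondition"]["New"] = in_array("New", $conditionFilter, true);
            $_SESSION["filterCondition"]["Used"] = in_array("Used", $conditionFilter, true);
            $mediaFilter = fcmPostedList("filterMediaType");
            $_SESSION["filterMediaType"]["CD"] = in_array("CD", $mediaFilter, true);
            $_SESSION["filterMediaType"]["Record"] = in_array("Record", $mediaFilter, true);
            $_SESSION["filterMediaType"]["Digital"] = in_array("Digital", $mediaFilter, true);
            $_SESSION["filterMediaType"]["Book"] = in_array("Book", $mediaFilter, true);

            $_SESSION["discogsTitle"] = "";
            $_SESSION["discogsArtist"] = "";
            // searchTerm used to be read unguarded here (notice when absent).
            fcmRunSearch(empty($_POST['searchTerm']) ? "" : searchFriendlyString($_POST['searchTerm']));
            break;

        case "discogsSearch":
            if (!empty($_POST['discogsBarcode'])) {
                $searchTerm = searchFriendlyString($_POST['discogsBarcode']);
            }
            else {
                // Title and artist are normalised the same way as every other
                // search input before they become the session's searchTerm
                // (previously they were stored raw here).
                $parts = [];
                if (!empty($_POST['discogsTitle'])) {
                    $parts[] = $_POST['discogsTitle'];
                }
                if (!empty($_POST['discogsArtist'])) {
                    $parts[] = $_POST['discogsArtist'];
                }
                $combined = trim(implode(" ", $parts));
                $searchTerm = ($combined === "" ? "" : searchFriendlyString($combined));
            }

            if (empty($searchTerm)) {
                resetSessionVars();
            }
            else {
                $_SESSION["searchTerm"] = $searchTerm;
                if (isset($_POST['discogsTitle'])) {
                    $_SESSION["discogsTitle"] = searchFriendlyString($_POST['discogsTitle']);
                }
                if (isset($_POST['discogsArtist'])) {
                    $_SESSION["discogsArtist"] = searchFriendlyString($_POST['discogsArtist']);
                }
                performSearch();
            }
            break;

        case "unsubscribe":
            // TODO (bugbug): the unsubscribe POST is not handled yet; the
            // request simply falls through to the page rendering below.
            break;
    }
}
else if ($_SERVER["REQUEST_METHOD"] == "GET") {
    if (isset($_GET['z'])) {
        // An empty or malformed ?z= clears the stored ZIP rather than keeping it.
        $zip = fcmParseZip($_GET['z']);
        $_SESSION["buyer"]["Zip"] = ($zip === null ? "" : $zip);
    }

    $_SESSION["searchTerm"] = "";
    if (isset($_GET['q'])) {
        $_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);
        performSearch();
    }
}

// ---------------------------------------------------------------------------
// Navigation and page header
// ---------------------------------------------------------------------------

$xh->insert_code(navigationPane($userPicture));

    $xh->add_attribute("class", "page-header bg-primary");
    $xh->tag('div');
        $xh->add_attribute("class", "container text-center py-3");
        $xh->tag('div');

// Sub-page selector (GET or POST); drives the headline and the body below.
$page = getPGV('submitBtn');

switch ($page) {
    case "terms":
        $xh->tag('h1', "Terms of Service");
        break;
    case "privacy":
        $xh->tag('h1', "Privacy Policy");
        break;
    case "coupons":
        $xh->tag('h1', "Special Offers &amp; Coupon Codes");
        break;
    case "wishlist":
        $xh->tag('h1', "Wishlist");
        if (!empty($_SESSION['priceMonitor'])) {
            $xh->add_attribute("method", "post");
            $xh->add_attribute("action", "/index.php");
            $xh->tag('form');
                $xh->insert_code(inputSessionTab());
                $xh->insert_code(inputNonce());
                $xh->add_attribute("class", "btn btn-info rounded");
                $xh->add_attribute("id", "priceMonitor");
                $xh->add_attribute("type", "submit");
                $xh->add_attribute("name", "submitBtn");
                $xh->add_attribute("value", "priceMonitor");
                $xh->tag('button', "Price Monitor Results");
                if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) {
                    $xh->add_attribute("class", "badge badge-pill badge-dark");
                    $xh->tag('span', "New");
                }
                $xh->close(); // button
            $xh->close(); // form
        }
        break;
    case "priceMonitor":
        $xh->tag('h1', "Price Monitor Results");
        break;
    case "help":
        $xh->tag('h1', "Getting Started");
        break;
    case "barcode":
        $xh->tag('h1', "Barcode Checker");
        break;
    case "unsubscribe":
        $xh->tag('h1', "Unsubscribe Wishlist");
        break;
    default:
        // Start page and search results (including "random").
        $xh->tag('h1', "Find Cheap CDs, Records, Digital, Books and Sheets");
        $xh->add_attribute("id", "textslide");
        $xh->add_attribute("class", "d-none d-sm-block");
        $xh->tag('p', "Bookmark FindCheapMusic.com");
        break;
}

        $xh->close(); // div
    $xh->close(); // div

    $xh->insert_code(mainSearchForm());

// ---------------------------------------------------------------------------
// Page body
// ---------------------------------------------------------------------------

switch ($page) {
    case "terms":
        $xh->insert_code(fcmNoncedSnippet('snippets/terms.txt'));
        break;
    case "privacy":
        $xh->insert_code(fcmNoncedSnippet('snippets/privacy.txt'));
        break;
    case "help":
        $xh->insert_code(printHelp());
        break;
    case "barcode":
        $xh->insert_code(barcodePage());
        break;
    case "coupons":
        // TODO (bugbug): get_linkshareCoupons() is not wired up yet.
        $xh->insert_code(getCouponCodes());
        break;
    case "wishlist":
        $xh->insert_code(getWishlist());
        break;
    case "priceMonitor":
        $xh->add_attribute("class", "container");
        $xh->add_attribute("id", "productTable");
        $xh->tag('div');
        $xh->insert_code(getPriceMonitor());
        $xh->close(); // div
        break;
    case "unsubscribe":
        $xh->insert_code(unsubscribeWishlist($_GET));
        break;
    case "random":
        findDiscogsMaster("***RANDOM***");
        if (!empty($_SESSION["discogs"])) {
            $xh->insert_code(fcmDiscogsHtml());
        }
        break;
    default:
        if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
            $xh->insert_code(fcmDiscogsHtml());
            $xh->add_attribute("class", "container border py-2");
            $xh->add_attribute("id", "productTable");
            $xh->tag('div');
            $xh->insert_code(storeOfferHeader());
            if ($_SESSION["lowestPrice"]["All"] > 0.00) {
                $xh->insert_code(printResultHeader());
            }
            $xh->insert_code(printResult());
            $xh->close(); // div
            $xh->insert_code(productTableEventListeners());
        }
        else if (!empty($_SESSION["discogs"])) {
            $xh->insert_code(fcmDiscogsHtml());
        }
        else {
            $xh->insert_code(startscreen());
        }

        $xh->insert_code(printSearchInfoModal());
        break;
}

$xh->insert_code(printProgessbarModal());

$xh->insert_code(printSocialIconBar());

$xh->insert_code(htmlFooter());

$xh->insert_code(headerQuoteSlides());

$xh->insert_code(downloadAtOnload());

// Raw (not base64) nonce exposed to client-side scripts; inputNonce() above
// emits the per-form copy. Presumably read by the scripts in downloadAtOnload().
$xh->tag('form');
    $xh->add_attribute("type", "hidden");
    $xh->add_attribute("id", "nonce");
    $xh->add_attribute("name", "nonce");
    $xh->add_attribute("value", $_SESSION["nonce"]);
    $xh->single_tag('input');
$xh->close(); // form

$xh->close(); // body
$xh->close(); // html

echo $xh->flush();

MySessionHandler::commit(session_id());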