<?php
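// Project libraries, all resolved from the document root.
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/hosting.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");

// NOTE(review): E_ALL is only a reporting level; confirm display_errors is off in
// production so notices and file paths never reach the client.
error_reporting(E_ALL);

$userData = [];
$userTheme = 'default';

// Read the ini file once and hand each section to the component that needs it.
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
// A session tab is only honoured when the request carries a non-empty value above zero.
$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab"): null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$vendors = Vendors::getInstance();
Vendors::setAllVendors($configFile, $vendors);
$systemConf = $configFile['system'];
// Only the 'system' section is kept; the full config (including the 'cryptor' and
// 'mysqli' sections) is dropped from scope here.
unset($configFile);

// Session cookie: 604800 s lifetime, path '/', the configured domain with a leading dot,
// Secure and HttpOnly both on.
// NOTE(review): this positional call sets no SameSite attribute; confirm that
// session.cookie_samesite is configured, or move to the options-array form.
session_set_cookie_params(604800, '/', '.' . $systemConf["domain_name"], true, true);
session_set_save_handler($handler, true);

// Pass a client-supplied session ID on only when it is a plain string. A cookie sent as
// PHPSESSID[]=... arrives as an array, which session_id() does not accept.
// NOTE(review): the ID comes straight from the client; confirm session.use_strict_mode
// and that MySessionHandler does not adopt IDs it never issued (session fixation).
if (!empty($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}
session_start();

initSessionVariables();
$_SESSION["htmlIndent"] = (!empty($systemConf["htmlIndent"]) ? intval($systemConf["htmlIndent"]) : 0);
$_SESSION["gtmId"] = (empty($systemConf["gtmId"]) ? "" : $systemConf["gtmId"]);
// A fresh nonce is generated on every request; 1800 is presumably its lifetime in
// seconds - confirm against NonceUtil::generate().
$_SESSION["nonce"] = NonceUtil::generate($systemConf["nonce_secret"], 1800);
// csp.php is included only after the nonce exists in the session.
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");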
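// Work out who the visitor is: a remember-me cookie pair is tried first, then an
// already logged-in session; everything else is treated as anonymous.
$sessionUserVerified = false;

// The remember-me cookies only count when both are non-empty plain strings. Cookies sent
// as arrays (rememberUserId[]=..., hash[]=...) would otherwise reach the user lookup and
// password_verify(), which expects strings.
$hasRememberCookies = !empty($_COOKIE['rememberUserId']) && is_string($_COOKIE['rememberUserId'])
    && !empty($_COOKIE['hash']) && is_string($_COOKIE['hash']);

if ($hasRememberCookies && empty($_SESSION['sessData']['loginType'])) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $user = new User();
    $conditions['where'] = array(
        'id' => $_COOKIE['rememberUserId']
    );
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);

    // The cookie hash must verify against the stored password column concatenated with
    // the row id.
    // NOTE(review): this token changes only when the stored password value changes, so a
    // leaked cookie stays usable until then and cannot be revoked per device; a random
    // token stored server-side is the usual alternative.
    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
        $_SESSION['sessData']['userLoggedIn'] = true;
        // Take the id from the verified database row, not from the cookie: the cookie text
        // is client-controlled and need not be byte-identical to the stored id.
        $_SESSION['sessData']['userID'] = $userData['id'];
        // NOTE(review): the session ID is not regenerated at this privilege change;
        // consider session_regenerate_id(true) once it is confirmed to work with
        // MySessionHandler.
        $sessionUserVerified = true;
    }
} else if (isLoggedIn()) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $user = new User();
    $conditions['where'] = array(
        'id' => $_SESSION['sessData']['userID']
    );
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);

    $sessionUserVerified = !empty($userData);
}

if ($sessionUserVerified) {
    // Copy the stored preferences of the verified user into the session.
    $userPicture = getUserImage($userData);
    $userTheme = $userData['theme'];
    $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
    $_SESSION['buyer']['Zip'] = $userData['zip'];
    $_SESSION['buyer']['Country'] = 'United States';
    $_SESSION['buyer']['Currency'] = 'USD';
    $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
    $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
    $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
    $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
    $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
    $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
} else {
    // Anonymous visitor, or a lookup/verification that failed. Reset $userData as well:
    // after a failed remember-me check it would otherwise still hold the row that was
    // looked up for the id named in the cookie.
    $userData = [];
    unsetSessData();
}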
// Runs before any output is produced.
checkPriceMonitor();

echo "<!DOCTYPE html>"; // html5

// Document skeleton: <html lang="en-US"> and the <head> section.
$xh = new Html();
$xh->init($_SESSION["htmlIndent"]);
$xh->add_attribute("lang", "en-US");
$xh->tag('html');
$xh->tag('head');
$xh->insert_code(headTitle(getPGV('submitBtn')));

// <meta name="keywords" ...>
$keywordAttributes = [
    'name' => "keywords",
    'content' => "Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book",
];
foreach ($keywordAttributes as $attrName => $attrValue) {
    $xh->add_attribute($attrName, $attrValue);
}
$xh->single_tag('meta');

$xh->insert_code(metaDescription(getPGV('submitBtn')));
$xh->insert_code(htmlHeader());
// Static snippet shipped with the site; the path is a fixed literal.
$xh->insert_code(file_get_contents('snippets/fb_tw.txt'));
$xh->close(); // head
$xh->tag('body');

// Tag Manager <noscript> fallback, emitted only when a container id is configured.
// The id was copied from the 'system' config section into the session, not from the request.
if (!empty($_SESSION["gtmId"])) {
    $xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
    $xh->tag('noscript');

    $iframeAttributes = [
        "src" => "https://www.googletagmanager.com/ns.html?id=" . $_SESSION["gtmId"],
        "height" => "0",
        "width" => "0",
        "style" => "display:none;visibility:hidden",
        "title" => "Tagmanager",
    ];
    foreach ($iframeAttributes as $attrName => $attrValue) {
        $xh->add_attribute($attrName, $attrValue);
    }
    $xh->tag('iframe', "");

    $xh->close(); // noscript
}
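// Decide whether this request triggers a search. POST is dispatched on the submitted
// button value; GET always rebuilds the search term. Other methods do nothing here.
// NOTE(review): no nonce check is visible in this dispatch even though the forms carry
// one (inputNonce()); confirm it is verified downstream before state is changed.
$runSearch = false;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // A POST without submitBtn used to read an undefined index; treat it as "no action".
    $postAction = $_POST["submitBtn"] ?? "";

    if (in_array($postAction, ["Search", "discogsSearch"], true)) {
        buildDiscogsSearchTerm();
        $runSearch = !empty($_SESSION["searchTerm"]);
    } else if ($postAction === "advSearch") {
        buildDiscogsSearchTerm();
        // The advanced search is gated on its own session key.
        $runSearch = !empty($_SESSION["advSearch"]);
    } else if ($postAction === "unsubscribe") {
        // bugbug - intentionally empty in the original
    }
} else if ($_SERVER["REQUEST_METHOD"] == "GET") {
    buildDiscogsSearchTerm();
    $runSearch = !empty($_SESSION["searchTerm"]);
}

if ($runSearch) {
    performSearch();
}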
// $userPicture exists only when a user was verified earlier in the script.
$xh->insert_code(navigationPane($userPicture ?? null));

// Page header banner: outer bar plus a centred container for the headline.
$xh->add_attribute("class", "page-header bg-primary");
$xh->tag('div');
$xh->add_attribute("class", "container text-center py-3");
$xh->tag('div');

// Headline per page. The selector is read once and compared loosely, in the same order
// as before; this assumes getPGV() is a side-effect-free accessor - confirm in tools.php.
switch (getPGV('submitBtn')) {
    case "terms":
        $xh->tag('h1', "Terms of Service");
        break;

    case "privacy":
        $xh->tag('h1', "Privacy Policy");
        break;

    case "coupons":
        $xh->tag('h1', "Special Offers &amp; Coupon Codes");
        break;

    case "wishlist":
        $xh->tag('h1', "Wishlist");
        // Button that posts back to /index.php to show the price monitor results.
        if (!empty($_SESSION['priceMonitor'])) {
            $xh->add_attribute("method", "post");
            $xh->add_attribute("action", "/index.php");
            $xh->tag('form');
            $xh->insert_code(inputSessionTab());
            $xh->insert_code(inputNonce());

            $buttonAttributes = [
                "class" => "btn btn-info rounded",
                "id" => "priceMonitor",
                "type" => "submit",
                "name" => "submitBtn",
                "value" => "priceMonitor",
            ];
            foreach ($buttonAttributes as $attrName => $attrValue) {
                $xh->add_attribute($attrName, $attrValue);
            }
            $xh->tag('button', "Price Monitor Results");

            // "New" badge only when the flag is exactly true.
            if (($_SESSION['priceMonitor']['newFlag'] ?? null) === true) {
                $xh->add_attribute("class", "badge badge-pill badge-dark");
                $xh->tag('span', "New");
            }
            $xh->close(); // button
            $xh->close(); // form
        }
        break;

    case "priceMonitor":
        $xh->tag('h1', "Price Monitor Results");
        break;

    case "help":
        $xh->tag('h1', "Getting Started");
        break;

    case "barcode":
        $xh->tag('h1', "Barcode Checker");
        break;

    case "unsubscribe":
        $xh->tag('h1', "Unsubscribe Wishlist");
        break;

    default:
        $xh->tag('h1', "Find Cheap CDs, Records, Digital, Books and Sheets");
        $xh->add_attribute("id", "textslide");
        $xh->add_attribute("class", "d-none d-sm-block");
        $xh->tag('p', "Bookmark FindCheapMusic.com");
        break;
}

$xh->close(); // div
$xh->close(); // div

$xh->insert_code(mainSearchForm());
//$xh->insert_code(mainAdvSearchForm()); bugbug
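// Main content area, selected by the submitBtn request value.
// The session nonce is base64-encoded into the markup wherever a nonce placeholder or a
// bare <script> tag has to be filled in.
$nonceAttr = base64_encode($_SESSION["nonce"]);

// The selector is read once and compared loosely, in the same order as before; this
// assumes getPGV() is a side-effect-free accessor - confirm in tools.php.
switch (getPGV('submitBtn')) {
    case "terms":
        // Snippet paths are fixed literals, never built from request input.
        $snip = file_get_contents('snippets/terms.txt');
        $snip = str_replace("<script>", "<script nonce=\"" . $nonceAttr . "\">", $snip);
        $xh->insert_code($snip);
        break;

    case "privacy":
        $snip = file_get_contents('snippets/privacy.txt');
        $snip = str_replace("<script>", "<script nonce=\"" . $nonceAttr . "\">", $snip);
        $xh->insert_code($snip);
        break;

    case "help":
        $xh->insert_code(printHelp());
        break;

    case "barcode":
        $xh->insert_code(barcodePage());
        break;

    case "coupons":
        //get_linkshareCoupons(); // bugbug
        $xh->insert_code(getCouponCodes());
        break;

    case "wishlist":
        $xh->insert_code(getWishlist());
        break;

    case "priceMonitor":
        $xh->add_attribute("class", "container");
        $xh->add_attribute("id", "productTable");
        $xh->tag('div');
        $xh->insert_code(getPriceMonitor());
        $xh->close(); // div
        break;

    case "unsubscribe":
        // NOTE(review): the whole query-string array is handed over and this page is
        // reachable with a plain GET; confirm unsubscribeWishlist() validates every field
        // it reads and requires an unguessable token.
        $xh->insert_code(unsubscribeWishlist($_GET));
        break;

    case "random":
        findDiscogsMaster("***RANDOM***");
        if (!empty($_SESSION["discogs"])) {
            $xh->insert_code(str_replace("xxxNONCExxx", $nonceAttr, $_SESSION["discogs"]));
        }
        break;

    default:
        // Missing session keys are read as "no price" / "no markup" instead of raising
        // undefined-index notices or passing null to str_replace().
        $lowestPriceAll = $_SESSION["lowestPrice"]["All"] ?? 0.00;

        if ($lowestPriceAll > 0.00 || !empty($_SESSION["searchTerm"])) {
            // NOTE(review): $_SESSION["discogs"] is inserted as ready-made markup; confirm
            // that any external text in it was escaped when it was stored.
            $xh->insert_code(str_replace("xxxNONCExxx", $nonceAttr, $_SESSION["discogs"] ?? ""));
            $xh->add_attribute("class", "container border py-2");
            $xh->add_attribute("id", "productTable");
            $xh->tag('div');
            $xh->insert_code(storeOfferHeader());
            if ($lowestPriceAll > 0.00) {
                $xh->insert_code(printResultHeader());
            }
            $xh->insert_code(printResult());
            $xh->close(); // div
            $xh->insert_code(productTableEventListeners());
        } else if (!empty($_SESSION["discogs"])) {
            $xh->insert_code(str_replace("xxxNONCExxx", $nonceAttr, $_SESSION["discogs"]));
        } else {
            $xh->insert_code(startscreen());
        }

        $xh->insert_code(printSearchInfoModal());
        break;
}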
// Page tail: modal, social bar, footer and the script-related inserts, in this order.
$xh->insert_code(printProgessbarModal());
$xh->insert_code(printSocialIconBar());
$xh->insert_code(htmlFooter());
$xh->insert_code(headerQuoteSlides());
$xh->insert_code(downloadAtOnload());

// Stand-alone form holding the nonce in a hidden input. The raw session value goes into
// the field, whereas the script nonce attributes carry the base64-encoded form of the
// same value.
$xh->tag('form');
$nonceFieldAttributes = [
    "type" => "hidden",
    "id" => "nonce",
    "name" => "nonce",
    "value" => $_SESSION["nonce"],
];
foreach ($nonceFieldAttributes as $attrName => $attrValue) {
    $xh->add_attribute($attrName, $attrValue);
}
$xh->single_tag('input');
$xh->close(); // form

$xh->close(); // body
$xh->close(); // html

// Render the buffered document and send it in one piece.
$html = $xh->flush();
//error_log(print_r($html, 1));

echo $html;

// Hand the current session id to the session handler's commit step as the last action.
MySessionHandler::commit(session_id());