| 2 |
- |
1 |
<?php
|
| 121 |
- |
2 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/hosting.php");
|
| 65 |
- |
3 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
|
|
|
4 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
|
|
|
5 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
|
|
|
6 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
|
|
|
7 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
|
| 119 |
- |
8 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");
|
| 7 |
- |
9 |
|
| 9 |
- |
10 |
error_reporting(E_ALL);
|
|
|
11 |
|
| 35 |
- |
12 |
$userData = [];
|
| 57 |
- |
13 |
$userTheme = 'default';
|
| 70 |
- |
14 |
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
|
| 7 |
- |
15 |
$crypt = Cryptor::getInstance($configFile['cryptor']);
|
| 107 |
- |
16 |
$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab"): null);
|
| 7 |
- |
17 |
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
|
| 9 |
- |
18 |
$vendors = Vendors::getInstance();
|
| 83 |
- |
19 |
Vendors::setAllVendors($configFile, $vendors);
|
| 121 |
- |
20 |
$systemConf = $configFile['system'];
|
| 7 |
- |
21 |
unset($configFile);
|
|
|
22 |
|
| 121 |
- |
23 |
session_set_cookie_params(604800, '/', '.' . $systemConf["domain_name"], true, true);
|
| 7 |
- |
24 |
session_set_save_handler($handler, true);
|
| 35 |
- |
25 |
if (!empty($_COOKIE['PHPSESSID'])) {
|
|
|
26 |
session_id($_COOKIE['PHPSESSID']);
|
|
|
27 |
}
|
| 2 |
- |
28 |
session_start();
|
| 35 |
- |
29 |
|
| 138 |
- |
30 |
initSessionVariables($systemConf);
|
|
|
31 |
|
| 119 |
- |
32 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");
|
|
|
33 |
|
| 35 |
- |
34 |
// Check whether user ID is available in cookie
|
| 65 |
- |
35 |
if (!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash']) && empty($_SESSION['sessData']['loginType'])) {
|
| 35 |
- |
36 |
require_once 'login/includes/config.php';
|
|
|
37 |
require_once 'login/includes/User.class.php';
|
|
|
38 |
require_once 'login/includes/password.php';
|
|
|
39 |
$user = new User();
|
|
|
40 |
$conditions['where'] = array(
|
|
|
41 |
'id' => $_COOKIE['rememberUserId']
|
|
|
42 |
);
|
|
|
43 |
$conditions['return_type'] = 'single';
|
|
|
44 |
$userData = $user->getRows($conditions);
|
|
|
45 |
if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
|
| 65 |
- |
46 |
$_SESSION['sessData']['userLoggedIn'] = true;
|
| 35 |
- |
47 |
$_SESSION['sessData']['userID'] = $_COOKIE['rememberUserId'];
|
| 36 |
- |
48 |
$userPicture = getUserImage($userData);
|
| 57 |
- |
49 |
$userTheme = $userData['theme'];
|
| 59 |
- |
50 |
$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
|
| 137 |
- |
51 |
$_SESSION['buyer']['Zip'] = $userData['zip'];
|
|
|
52 |
$_SESSION['buyer']['Country'] = 'United States';
|
|
|
53 |
$_SESSION['buyer']['Currency'] = 'USD';
|
|
|
54 |
$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
|
|
|
55 |
$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
|
|
|
56 |
$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
|
|
|
57 |
$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
|
|
|
58 |
$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
|
|
|
59 |
$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
|
| 65 |
- |
60 |
}
|
|
|
61 |
else {
|
| 35 |
- |
62 |
unsetSessData();
|
|
|
63 |
}
|
| 137 |
- |
64 |
// or if the user has already logged in
|
|
|
65 |
} else if (isLoggedIn()) {
|
| 35 |
- |
66 |
require_once 'login/includes/config.php';
|
|
|
67 |
require_once 'login/includes/User.class.php';
|
|
|
68 |
require_once 'login/includes/password.php';
|
|
|
69 |
$user = new User();
|
|
|
70 |
$conditions['where'] = array(
|
|
|
71 |
'id' => $_SESSION['sessData']['userID']
|
|
|
72 |
);
|
|
|
73 |
$conditions['return_type'] = 'single';
|
|
|
74 |
$userData = $user->getRows($conditions);
|
| 57 |
- |
75 |
|
| 35 |
- |
76 |
if (!empty($userData)) {
|
| 36 |
- |
77 |
$userPicture = getUserImage($userData);
|
| 57 |
- |
78 |
$userTheme = $userData['theme'];
|
| 59 |
- |
79 |
$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
|
| 137 |
- |
80 |
$_SESSION['buyer']['Zip'] = $userData['zip'];
|
|
|
81 |
$_SESSION['buyer']['Country'] = 'United States';
|
|
|
82 |
$_SESSION['buyer']['Currency'] = 'USD';
|
|
|
83 |
$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
|
|
|
84 |
$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
|
|
|
85 |
$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
|
|
|
86 |
$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
|
|
|
87 |
$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
|
|
|
88 |
$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
|
| 65 |
- |
89 |
}
|
|
|
90 |
else {
|
| 35 |
- |
91 |
unsetSessData();
|
|
|
92 |
}
|
| 137 |
- |
93 |
// or user is not logged in
|
| 138 |
- |
94 |
} else {
|
| 35 |
- |
95 |
unsetSessData();
|
|
|
96 |
}
|
| 57 |
- |
97 |
|
| 78 |
- |
98 |
checkPriceMonitor();
|
| 114 |
- |
99 |
|
| 127 |
- |
100 |
echo "<!DOCTYPE html>"; // html5
|
| 2 |
- |
101 |
|
| 127 |
- |
102 |
$xh = new Html;
|
|
|
103 |
$xh->init($_SESSION["htmlIndent"]);
|
|
|
104 |
$xh->add_attribute("lang", "en-US");
|
|
|
105 |
$xh->tag('html');
|
|
|
106 |
$xh->tag('head');
|
| 134 |
- |
107 |
$xh->insert_code(headTitle(getPGV('submitBtn')));
|
| 127 |
- |
108 |
$xh->add_attribute('name', "keywords");
|
|
|
109 |
$xh->add_attribute('content', "Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book");
|
|
|
110 |
$xh->single_tag('meta');
|
| 134 |
- |
111 |
$xh->insert_code(metaDescription(getPGV('submitBtn')));
|
| 127 |
- |
112 |
$xh->insert_code(htmlHeader());
|
|
|
113 |
$xh->insert_code(file_get_contents('snippets/fb_tw.txt'));
|
|
|
114 |
$xh->close(); // head
|
|
|
115 |
$xh->tag('body');
|
|
|
116 |
|
| 134 |
- |
117 |
if (!empty($_SESSION["gtmId"])) {
|
| 127 |
- |
118 |
$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
| 138 |
- |
119 |
$xh->tag('style');
|
|
|
120 |
$xh->insert_code(".gtm-noscript{display:none;visibility:hidden;}");
|
|
|
121 |
$xh->close(); // style
|
|
|
122 |
$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
| 127 |
- |
123 |
$xh->tag('noscript');
|
| 134 |
- |
124 |
$xh->add_attribute("src", "https://www.googletagmanager.com/ns.html?id=" . $_SESSION["gtmId"]);
|
| 127 |
- |
125 |
$xh->add_attribute("height", "0");
|
|
|
126 |
$xh->add_attribute("width", "0");
|
| 138 |
- |
127 |
$xh->add_attribute("class", "gtm-noscript");
|
| 127 |
- |
128 |
$xh->add_attribute("title", "Tagmanager");
|
|
|
129 |
$xh->tag('iframe', "");
|
|
|
130 |
$xh->close(); // noscript
|
| 119 |
- |
131 |
}
|
|
|
132 |
|
| 2 |
- |
133 |
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
| 134 |
- |
134 |
if ($_POST["submitBtn"] == "Search") {
|
| 137 |
- |
135 |
buildDiscogsSearchTerm();
|
| 2 |
- |
136 |
|
| 137 |
- |
137 |
if (!empty($_SESSION["searchTerm"])) {
|
| 138 |
- |
138 |
$_SESSION["mode"] = SIMPLE_SEARCH;
|
| 116 |
- |
139 |
performSearch();
|
| 65 |
- |
140 |
}
|
| 137 |
- |
141 |
} else if ($_POST["submitBtn"] == "advSearch") {
|
|
|
142 |
buildDiscogsSearchTerm();
|
|
|
143 |
if (!empty($_SESSION["advSearch"])) {
|
| 138 |
- |
144 |
$_SESSION["mode"] = ADVANCED_SEARCH;
|
| 116 |
- |
145 |
performSearch();
|
| 65 |
- |
146 |
}
|
| 137 |
- |
147 |
} else if ($_POST["submitBtn"] == "discogsSearch") {
|
|
|
148 |
buildDiscogsSearchTerm();
|
|
|
149 |
if (!empty($_SESSION["searchTerm"])) {
|
| 116 |
- |
150 |
performSearch();
|
| 65 |
- |
151 |
}
|
| 137 |
- |
152 |
} else if ($_POST["submitBtn"] == "unsubscribe") {
|
| 73 |
- |
153 |
// bugbug
|
|
|
154 |
}
|
| 65 |
- |
155 |
}
|
|
|
156 |
else if ($_SERVER["REQUEST_METHOD"] == "GET") {
|
| 137 |
- |
157 |
buildDiscogsSearchTerm();
|
|
|
158 |
if (!empty($_SESSION["searchTerm"])) {
|
| 138 |
- |
159 |
/*
|
|
|
160 |
$xh->insert_code(printProgessbarModal());
|
|
|
161 |
$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
|
|
162 |
$xh->tag('script');
|
|
|
163 |
$str = 'progressBar(' . $_SESSION["searchTerm"] . ');';
|
|
|
164 |
$xh->insert_code($str);
|
|
|
165 |
$xh->flush();
|
|
|
166 |
$xh->close(); // script
|
|
|
167 |
*/
|
| 116 |
- |
168 |
performSearch();
|
| 65 |
- |
169 |
}
|
| 2 |
- |
170 |
}
|
|
|
171 |
|
| 137 |
- |
172 |
$xh->insert_code(navigationPane($userPicture ?? null));
|
| 127 |
- |
173 |
|
|
|
174 |
$xh->add_attribute("class", "page-header bg-primary");
|
|
|
175 |
$xh->tag('div');
|
|
|
176 |
$xh->add_attribute("class", "container text-center py-3");
|
|
|
177 |
$xh->tag('div');
|
|
|
178 |
|
| 134 |
- |
179 |
if (getPGV('submitBtn') == "terms") {
|
| 127 |
- |
180 |
$xh->tag('h1', "Terms of Service");
|
| 137 |
- |
181 |
} else if (getPGV('submitBtn') == "privacy") {
|
| 127 |
- |
182 |
$xh->tag('h1', "Privacy Policy");
|
| 137 |
- |
183 |
} else if (getPGV('submitBtn') == "coupons") {
|
| 127 |
- |
184 |
$xh->tag('h1', "Special Offers & Coupon Codes");
|
| 137 |
- |
185 |
} else if (getPGV('submitBtn') == "wishlist") {
|
| 127 |
- |
186 |
$xh->tag('h1', "Wishlist");
|
| 78 |
- |
187 |
if (!empty($_SESSION['priceMonitor'])) {
|
| 127 |
- |
188 |
$xh->add_attribute("method", "post");
|
|
|
189 |
$xh->add_attribute("action", "/index.php");
|
|
|
190 |
$xh->tag('form');
|
|
|
191 |
$xh->insert_code(inputSessionTab());
|
|
|
192 |
$xh->insert_code(inputNonce());
|
|
|
193 |
$xh->add_attribute("class", "btn btn-info rounded");
|
|
|
194 |
$xh->add_attribute("id", "priceMonitor");
|
|
|
195 |
$xh->add_attribute("type", "submit");
|
| 134 |
- |
196 |
$xh->add_attribute("name", "submitBtn");
|
| 127 |
- |
197 |
$xh->add_attribute("value", "priceMonitor");
|
|
|
198 |
$xh->tag('button', "Price Monitor Results");
|
|
|
199 |
if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) {
|
|
|
200 |
$xh->add_attribute("class", "badge badge-pill badge-dark");
|
| 134 |
- |
201 |
$xh->tag('span', "New");
|
| 127 |
- |
202 |
}
|
|
|
203 |
$xh->close(); // button
|
|
|
204 |
$xh->close(); // form
|
| 78 |
- |
205 |
}
|
| 137 |
- |
206 |
} else if (getPGV('submitBtn') == "priceMonitor") {
|
| 127 |
- |
207 |
$xh->tag('h1', "Price Monitor Results");
|
| 137 |
- |
208 |
} else if (getPGV('submitBtn') == "help") {
|
| 127 |
- |
209 |
$xh->tag('h1', "Getting Started");
|
| 137 |
- |
210 |
} else if (getPGV('submitBtn') == "barcode") {
|
| 127 |
- |
211 |
$xh->tag('h1', "Barcode Checker");
|
| 137 |
- |
212 |
} else if (getPGV('submitBtn') == "unsubscribe") {
|
| 127 |
- |
213 |
$xh->tag('h1', "Unsubscribe Wishlist");
|
| 137 |
- |
214 |
} else {
|
| 127 |
- |
215 |
$xh->tag('h1', "Find Cheap CDs, Records, Digital, Books and Sheets");
|
|
|
216 |
$xh->add_attribute("id", "textslide");
|
|
|
217 |
$xh->add_attribute("class", "d-none d-sm-block");
|
|
|
218 |
$xh->tag('p', "Bookmark FindCheapMusic.com");
|
| 65 |
- |
219 |
}
|
| 2 |
- |
220 |
|
| 127 |
- |
221 |
$xh->close(); // div
|
|
|
222 |
$xh->close(); // div
|
| 73 |
- |
223 |
|
| 127 |
- |
224 |
$xh->insert_code(mainSearchForm());
|
| 138 |
- |
225 |
$xh->insert_code(mainAdvSearchForm());
|
| 2 |
- |
226 |
|
| 134 |
- |
227 |
if (getPGV('submitBtn') == "terms") {
|
| 120 |
- |
228 |
$snip = file_get_contents('snippets/terms.txt');
|
|
|
229 |
$snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
|
| 127 |
- |
230 |
$xh->insert_code($snip);
|
| 137 |
- |
231 |
} else if (getPGV('submitBtn') == "privacy") {
|
| 120 |
- |
232 |
$snip = file_get_contents('snippets/privacy.txt');
|
|
|
233 |
$snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
|
| 127 |
- |
234 |
$xh->insert_code($snip);
|
| 137 |
- |
235 |
} else if (getPGV('submitBtn') == "help") {
|
| 127 |
- |
236 |
$xh->insert_code(printHelp());
|
| 137 |
- |
237 |
} else if (getPGV('submitBtn') == "barcode") {
|
| 127 |
- |
238 |
$xh->insert_code(barcodePage());
|
| 137 |
- |
239 |
} else if (getPGV('submitBtn') == "coupons") {
|
| 65 |
- |
240 |
//get_linkshareCoupons(); // bugbug
|
| 127 |
- |
241 |
$xh->insert_code(getCouponCodes());
|
| 137 |
- |
242 |
} else if (getPGV('submitBtn') == "wishlist") {
|
| 127 |
- |
243 |
$xh->insert_code(getWishlist());
|
| 137 |
- |
244 |
} else if (getPGV('submitBtn') == "priceMonitor") {
|
| 127 |
- |
245 |
$xh->add_attribute("class", "container");
|
|
|
246 |
$xh->add_attribute("id", "productTable");
|
|
|
247 |
$xh->tag('div');
|
|
|
248 |
$xh->insert_code(getPriceMonitor());
|
|
|
249 |
$xh->close(); // div
|
| 137 |
- |
250 |
} else if (getPGV('submitBtn') == "unsubscribe") {
|
| 127 |
- |
251 |
$xh->insert_code(unsubscribeWishlist($_GET));
|
| 137 |
- |
252 |
} else if (getPGV('submitBtn') == "random") {
|
| 138 |
- |
253 |
findDiscogsMaster(true);
|
| 119 |
- |
254 |
if (!empty($_SESSION["discogs"])) {
|
| 127 |
- |
255 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
| 119 |
- |
256 |
}
|
| 137 |
- |
257 |
} else {
|
| 65 |
- |
258 |
if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
|
| 127 |
- |
259 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
|
|
260 |
$xh->add_attribute("class", "container border py-2");
|
|
|
261 |
$xh->add_attribute("id", "productTable");
|
|
|
262 |
$xh->tag('div');
|
|
|
263 |
$xh->insert_code(storeOfferHeader());
|
| 104 |
- |
264 |
if ($_SESSION["lowestPrice"]["All"] > 0.00) {
|
| 127 |
- |
265 |
$xh->insert_code(printResultHeader());
|
| 104 |
- |
266 |
}
|
| 127 |
- |
267 |
$xh->insert_code(printResult());
|
|
|
268 |
$xh->close(); // div
|
| 133 |
- |
269 |
$xh->insert_code(productTableEventListeners());
|
| 65 |
- |
270 |
}
|
|
|
271 |
else if (!empty($_SESSION["discogs"])) {
|
| 127 |
- |
272 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
| 65 |
- |
273 |
}
|
|
|
274 |
else {
|
| 127 |
- |
275 |
$xh->insert_code(startscreen());
|
| 14 |
- |
276 |
}
|
| 127 |
- |
277 |
|
|
|
278 |
$xh->insert_code(printSearchInfoModal());
|
| 65 |
- |
279 |
}
|
| 2 |
- |
280 |
|
| 127 |
- |
281 |
$xh->insert_code(printProgessbarModal());
|
| 14 |
- |
282 |
|
| 128 |
- |
283 |
$xh->insert_code(printSocialIconBar());
|
| 81 |
- |
284 |
|
| 127 |
- |
285 |
$xh->insert_code(htmlFooter());
|
| 2 |
- |
286 |
|
| 127 |
- |
287 |
$xh->insert_code(headerQuoteSlides());
|
|
|
288 |
|
|
|
289 |
$xh->insert_code(downloadAtOnload());
|
|
|
290 |
|
|
|
291 |
$xh->tag('form');
|
|
|
292 |
$xh->add_attribute("type", "hidden");
|
|
|
293 |
$xh->add_attribute("id", "nonce");
|
|
|
294 |
$xh->add_attribute("name", "nonce");
|
|
|
295 |
$xh->add_attribute("value", $_SESSION["nonce"]);
|
|
|
296 |
$xh->single_tag('input');
|
|
|
297 |
$xh->close(); // form
|
|
|
298 |
|
|
|
299 |
$xh->close(); // body
|
|
|
300 |
$xh->close(); // html
|
|
|
301 |
|
|
|
302 |
$html = $xh->flush();
|
|
|
303 |
//error_log(print_r($html, 1));
|
|
|
304 |
|
|
|
305 |
echo $html;
|
|
|
306 |
|
|
|
307 |
MySessionHandler::commit(session_id());
|