| 2 |
- |
1 |
<?php
|
| 121 |
- |
2 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/hosting.php");
|
| 65 |
- |
3 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
|
|
|
4 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
|
|
|
5 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
|
|
|
6 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
|
|
|
7 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
|
| 119 |
- |
8 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");
|
| 7 |
- |
9 |
|
| 9 |
- |
10 |
error_reporting(E_ALL);
|
|
|
11 |
|
| 35 |
- |
12 |
$userData = [];
|
| 153 |
- |
13 |
$configFile = parse_ini_file(FCM_CONFIGFILE, true);
|
| 7 |
- |
14 |
$crypt = Cryptor::getInstance($configFile['cryptor']);
|
| 107 |
- |
15 |
$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab"): null);
|
| 7 |
- |
16 |
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
|
| 9 |
- |
17 |
$vendors = Vendors::getInstance();
|
| 83 |
- |
18 |
Vendors::setAllVendors($configFile, $vendors);
|
| 121 |
- |
19 |
$systemConf = $configFile['system'];
|
| 7 |
- |
20 |
unset($configFile);
|
|
|
21 |
|
| 121 |
- |
22 |
session_set_cookie_params(604800, '/', '.' . $systemConf["domain_name"], true, true);
|
| 7 |
- |
23 |
session_set_save_handler($handler, true);
|
| 35 |
- |
24 |
if (!empty($_COOKIE['PHPSESSID'])) {
|
|
|
25 |
session_id($_COOKIE['PHPSESSID']);
|
|
|
26 |
}
|
| 2 |
- |
27 |
session_start();
|
| 35 |
- |
28 |
|
| 138 |
- |
29 |
initSessionVariables($systemConf);
|
|
|
30 |
|
| 119 |
- |
31 |
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");
|
|
|
32 |
|
| 35 |
- |
33 |
// Check whether user ID is available in cookie
|
| 65 |
- |
34 |
if (!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash']) && empty($_SESSION['sessData']['loginType'])) {
|
| 35 |
- |
35 |
require_once 'login/includes/config.php';
|
|
|
36 |
require_once 'login/includes/User.class.php';
|
|
|
37 |
require_once 'login/includes/password.php';
|
|
|
38 |
$user = new User();
|
|
|
39 |
$conditions['where'] = array(
|
|
|
40 |
'id' => $_COOKIE['rememberUserId']
|
|
|
41 |
);
|
|
|
42 |
$conditions['return_type'] = 'single';
|
|
|
43 |
$userData = $user->getRows($conditions);
|
|
|
44 |
if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
|
| 65 |
- |
45 |
$_SESSION['sessData']['userLoggedIn'] = true;
|
| 35 |
- |
46 |
$_SESSION['sessData']['userID'] = $_COOKIE['rememberUserId'];
|
| 141 |
- |
47 |
$_SESSION["userPicture"] = getUserImage($userData);
|
|
|
48 |
$_SESSION["colorTheme"] = $userData['theme'];
|
| 59 |
- |
49 |
$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
|
| 137 |
- |
50 |
$_SESSION['buyer']['Zip'] = $userData['zip'];
|
|
|
51 |
$_SESSION['buyer']['Country'] = 'United States';
|
|
|
52 |
$_SESSION['buyer']['Currency'] = 'USD';
|
|
|
53 |
$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
|
|
|
54 |
$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
|
|
|
55 |
$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
|
|
|
56 |
$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
|
|
|
57 |
$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
|
|
|
58 |
$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
|
| 65 |
- |
59 |
}
|
|
|
60 |
else {
|
| 35 |
- |
61 |
unsetSessData();
|
|
|
62 |
}
|
| 137 |
- |
63 |
// or if the user has already logged in
|
|
|
64 |
} else if (isLoggedIn()) {
|
| 35 |
- |
65 |
require_once 'login/includes/config.php';
|
|
|
66 |
require_once 'login/includes/User.class.php';
|
|
|
67 |
require_once 'login/includes/password.php';
|
|
|
68 |
$user = new User();
|
|
|
69 |
$conditions['where'] = array(
|
|
|
70 |
'id' => $_SESSION['sessData']['userID']
|
|
|
71 |
);
|
|
|
72 |
$conditions['return_type'] = 'single';
|
|
|
73 |
$userData = $user->getRows($conditions);
|
| 57 |
- |
74 |
|
| 35 |
- |
75 |
if (!empty($userData)) {
|
| 141 |
- |
76 |
$_SESSION["userPicture"] = getUserImage($userData);
|
|
|
77 |
$_SESSION["colorTheme"] = $userData['theme'];
|
| 59 |
- |
78 |
$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
|
| 137 |
- |
79 |
$_SESSION['buyer']['Zip'] = $userData['zip'];
|
|
|
80 |
$_SESSION['buyer']['Country'] = 'United States';
|
|
|
81 |
$_SESSION['buyer']['Currency'] = 'USD';
|
|
|
82 |
$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
|
|
|
83 |
$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
|
|
|
84 |
$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
|
|
|
85 |
$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
|
|
|
86 |
$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
|
|
|
87 |
$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
|
| 65 |
- |
88 |
}
|
|
|
89 |
else {
|
| 35 |
- |
90 |
unsetSessData();
|
|
|
91 |
}
|
| 137 |
- |
92 |
// or user is not logged in
|
| 138 |
- |
93 |
} else {
|
| 35 |
- |
94 |
unsetSessData();
|
| 141 |
- |
95 |
$_SESSION["colorTheme"] = 'default';
|
| 35 |
- |
96 |
}
|
| 57 |
- |
97 |
|
| 78 |
- |
98 |
checkPriceMonitor();
|
| 114 |
- |
99 |
|
| 127 |
- |
100 |
echo "<!DOCTYPE html>"; // html5
|
| 2 |
- |
101 |
|
| 127 |
- |
102 |
$xh = new Html;
|
|
|
103 |
$xh->init($_SESSION["htmlIndent"]);
|
|
|
104 |
$xh->add_attribute("lang", "en-US");
|
|
|
105 |
$xh->tag('html');
|
|
|
106 |
$xh->tag('head');
|
| 134 |
- |
107 |
$xh->insert_code(headTitle(getPGV('submitBtn')));
|
| 127 |
- |
108 |
$xh->add_attribute('name', "keywords");
|
|
|
109 |
$xh->add_attribute('content', "Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book");
|
|
|
110 |
$xh->single_tag('meta');
|
| 134 |
- |
111 |
$xh->insert_code(metaDescription(getPGV('submitBtn')));
|
| 127 |
- |
112 |
$xh->insert_code(htmlHeader());
|
|
|
113 |
$xh->insert_code(file_get_contents('snippets/fb_tw.txt'));
|
| 143 |
- |
114 |
if (!empty($_SESSION["gtmId"])) {
|
|
|
115 |
$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
|
|
116 |
$xh->tag('style');
|
|
|
117 |
$xh->insert_code(".gtm-noscript{display:none;visibility:hidden;}");
|
|
|
118 |
$xh->close(); // style
|
|
|
119 |
}
|
| 127 |
- |
120 |
$xh->close(); // head
|
|
|
121 |
$xh->tag('body');
|
|
|
122 |
|
| 134 |
- |
123 |
if (!empty($_SESSION["gtmId"])) {
|
| 143 |
- |
124 |
//$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
| 127 |
- |
125 |
$xh->tag('noscript');
|
| 134 |
- |
126 |
$xh->add_attribute("src", "https://www.googletagmanager.com/ns.html?id=" . $_SESSION["gtmId"]);
|
| 127 |
- |
127 |
$xh->add_attribute("height", "0");
|
|
|
128 |
$xh->add_attribute("width", "0");
|
| 138 |
- |
129 |
$xh->add_attribute("class", "gtm-noscript");
|
| 127 |
- |
130 |
$xh->add_attribute("title", "Tagmanager");
|
|
|
131 |
$xh->tag('iframe', "");
|
|
|
132 |
$xh->close(); // noscript
|
| 119 |
- |
133 |
}
|
|
|
134 |
|
| 2 |
- |
135 |
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
| 153 |
- |
136 |
if (empty($_POST["submitBtn"])) {
|
|
|
137 |
$_POST["submitBtn"] = $_POST["submit"] ?? ""; // bugbug where does this come from?
|
|
|
138 |
}
|
| 134 |
- |
139 |
if ($_POST["submitBtn"] == "Search") {
|
| 137 |
- |
140 |
buildDiscogsSearchTerm();
|
| 2 |
- |
141 |
|
| 137 |
- |
142 |
if (!empty($_SESSION["searchTerm"])) {
|
| 138 |
- |
143 |
$_SESSION["mode"] = SIMPLE_SEARCH;
|
| 116 |
- |
144 |
performSearch();
|
| 141 |
- |
145 |
$xh->insert_code(jumpToSection("discogsTable"));
|
| 65 |
- |
146 |
}
|
| 137 |
- |
147 |
} else if ($_POST["submitBtn"] == "advSearch") {
|
|
|
148 |
buildDiscogsSearchTerm();
|
|
|
149 |
if (!empty($_SESSION["advSearch"])) {
|
| 138 |
- |
150 |
$_SESSION["mode"] = ADVANCED_SEARCH;
|
| 116 |
- |
151 |
performSearch();
|
| 141 |
- |
152 |
$xh->insert_code(jumpToSection("discogsTable"));
|
| 65 |
- |
153 |
}
|
| 137 |
- |
154 |
} else if ($_POST["submitBtn"] == "discogsSearch") {
|
|
|
155 |
buildDiscogsSearchTerm();
|
|
|
156 |
if (!empty($_SESSION["searchTerm"])) {
|
| 141 |
- |
157 |
$_SESSION["mode"] = ADVANCED_SEARCH;
|
|
|
158 |
performSearch(true);
|
|
|
159 |
$xh->insert_code(jumpToSection("productTable"));
|
| 65 |
- |
160 |
}
|
| 137 |
- |
161 |
} else if ($_POST["submitBtn"] == "unsubscribe") {
|
| 73 |
- |
162 |
// bugbug
|
|
|
163 |
}
|
| 65 |
- |
164 |
}
|
|
|
165 |
else if ($_SERVER["REQUEST_METHOD"] == "GET") {
|
| 151 |
- |
166 |
$_GET["submitBtn"] = $_GET["submit"] ?? "";
|
| 137 |
- |
167 |
buildDiscogsSearchTerm();
|
|
|
168 |
if (!empty($_SESSION["searchTerm"])) {
|
| 138 |
- |
169 |
/*
|
|
|
170 |
$xh->insert_code(printProgessbarModal());
|
|
|
171 |
$xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
|
|
|
172 |
$xh->tag('script');
|
|
|
173 |
$str = 'progressBar(' . $_SESSION["searchTerm"] . ');';
|
|
|
174 |
$xh->insert_code($str);
|
|
|
175 |
$xh->flush();
|
|
|
176 |
$xh->close(); // script
|
|
|
177 |
*/
|
| 116 |
- |
178 |
performSearch();
|
| 65 |
- |
179 |
}
|
| 2 |
- |
180 |
}
|
|
|
181 |
|
| 141 |
- |
182 |
$xh->insert_code(navigationPane());
|
| 127 |
- |
183 |
|
|
|
184 |
$xh->add_attribute("class", "page-header bg-primary");
|
|
|
185 |
$xh->tag('div');
|
|
|
186 |
$xh->add_attribute("class", "container text-center py-3");
|
|
|
187 |
$xh->tag('div');
|
|
|
188 |
|
| 134 |
- |
189 |
if (getPGV('submitBtn') == "terms") {
|
| 127 |
- |
190 |
$xh->tag('h1', "Terms of Service");
|
| 137 |
- |
191 |
} else if (getPGV('submitBtn') == "privacy") {
|
| 127 |
- |
192 |
$xh->tag('h1', "Privacy Policy");
|
| 137 |
- |
193 |
} else if (getPGV('submitBtn') == "coupons") {
|
| 127 |
- |
194 |
$xh->tag('h1', "Special Offers & Coupon Codes");
|
| 137 |
- |
195 |
} else if (getPGV('submitBtn') == "wishlist") {
|
| 127 |
- |
196 |
$xh->tag('h1', "Wishlist");
|
| 78 |
- |
197 |
if (!empty($_SESSION['priceMonitor'])) {
|
| 127 |
- |
198 |
$xh->add_attribute("method", "post");
|
|
|
199 |
$xh->add_attribute("action", "/index.php");
|
|
|
200 |
$xh->tag('form');
|
|
|
201 |
$xh->insert_code(inputSessionTab());
|
|
|
202 |
$xh->insert_code(inputNonce());
|
|
|
203 |
$xh->add_attribute("class", "btn btn-info rounded");
|
|
|
204 |
$xh->add_attribute("id", "priceMonitor");
|
|
|
205 |
$xh->add_attribute("type", "submit");
|
| 134 |
- |
206 |
$xh->add_attribute("name", "submitBtn");
|
| 127 |
- |
207 |
$xh->add_attribute("value", "priceMonitor");
|
|
|
208 |
$xh->tag('button', "Price Monitor Results");
|
|
|
209 |
if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) {
|
|
|
210 |
$xh->add_attribute("class", "badge badge-pill badge-dark");
|
| 134 |
- |
211 |
$xh->tag('span', "New");
|
| 127 |
- |
212 |
}
|
|
|
213 |
$xh->close(); // form
|
| 78 |
- |
214 |
}
|
| 137 |
- |
215 |
} else if (getPGV('submitBtn') == "priceMonitor") {
|
| 127 |
- |
216 |
$xh->tag('h1', "Price Monitor Results");
|
| 137 |
- |
217 |
} else if (getPGV('submitBtn') == "help") {
|
| 127 |
- |
218 |
$xh->tag('h1', "Getting Started");
|
| 137 |
- |
219 |
} else if (getPGV('submitBtn') == "barcode") {
|
| 127 |
- |
220 |
$xh->tag('h1', "Barcode Checker");
|
| 137 |
- |
221 |
} else if (getPGV('submitBtn') == "unsubscribe") {
|
| 127 |
- |
222 |
$xh->tag('h1', "Unsubscribe Wishlist");
|
| 137 |
- |
223 |
} else {
|
| 127 |
- |
224 |
$xh->tag('h1', "Find Cheap CDs, Records, Digital, Books and Sheets");
|
|
|
225 |
$xh->add_attribute("id", "textslide");
|
|
|
226 |
$xh->add_attribute("class", "d-none d-sm-block");
|
|
|
227 |
$xh->tag('p', "Bookmark FindCheapMusic.com");
|
| 65 |
- |
228 |
}
|
| 2 |
- |
229 |
|
| 127 |
- |
230 |
$xh->close(); // div
|
|
|
231 |
$xh->close(); // div
|
| 73 |
- |
232 |
|
| 127 |
- |
233 |
$xh->insert_code(mainSearchForm());
|
| 138 |
- |
234 |
$xh->insert_code(mainAdvSearchForm());
|
| 2 |
- |
235 |
|
| 134 |
- |
236 |
if (getPGV('submitBtn') == "terms") {
|
| 120 |
- |
237 |
$snip = file_get_contents('snippets/terms.txt');
|
|
|
238 |
$snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
|
| 127 |
- |
239 |
$xh->insert_code($snip);
|
| 137 |
- |
240 |
} else if (getPGV('submitBtn') == "privacy") {
|
| 120 |
- |
241 |
$snip = file_get_contents('snippets/privacy.txt');
|
|
|
242 |
$snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
|
| 127 |
- |
243 |
$xh->insert_code($snip);
|
| 137 |
- |
244 |
} else if (getPGV('submitBtn') == "help") {
|
| 127 |
- |
245 |
$xh->insert_code(printHelp());
|
| 137 |
- |
246 |
} else if (getPGV('submitBtn') == "barcode") {
|
| 127 |
- |
247 |
$xh->insert_code(barcodePage());
|
| 137 |
- |
248 |
} else if (getPGV('submitBtn') == "coupons") {
|
| 65 |
- |
249 |
//get_linkshareCoupons(); // bugbug
|
| 127 |
- |
250 |
$xh->insert_code(getCouponCodes());
|
| 137 |
- |
251 |
} else if (getPGV('submitBtn') == "wishlist") {
|
| 127 |
- |
252 |
$xh->insert_code(getWishlist());
|
| 137 |
- |
253 |
} else if (getPGV('submitBtn') == "priceMonitor") {
|
| 127 |
- |
254 |
$xh->add_attribute("class", "container");
|
|
|
255 |
$xh->add_attribute("id", "productTable");
|
|
|
256 |
$xh->tag('div');
|
|
|
257 |
$xh->insert_code(getPriceMonitor());
|
|
|
258 |
$xh->close(); // div
|
| 137 |
- |
259 |
} else if (getPGV('submitBtn') == "unsubscribe") {
|
| 127 |
- |
260 |
$xh->insert_code(unsubscribeWishlist($_GET));
|
| 137 |
- |
261 |
} else if (getPGV('submitBtn') == "random") {
|
| 138 |
- |
262 |
findDiscogsMaster(true);
|
| 119 |
- |
263 |
if (!empty($_SESSION["discogs"])) {
|
| 127 |
- |
264 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
| 119 |
- |
265 |
}
|
| 137 |
- |
266 |
} else {
|
| 65 |
- |
267 |
if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
|
| 127 |
- |
268 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
|
|
269 |
$xh->add_attribute("class", "container border py-2");
|
|
|
270 |
$xh->add_attribute("id", "productTable");
|
|
|
271 |
$xh->tag('div');
|
|
|
272 |
$xh->insert_code(storeOfferHeader());
|
| 104 |
- |
273 |
if ($_SESSION["lowestPrice"]["All"] > 0.00) {
|
| 127 |
- |
274 |
$xh->insert_code(printResultHeader());
|
| 104 |
- |
275 |
}
|
| 127 |
- |
276 |
$xh->insert_code(printResult());
|
|
|
277 |
$xh->close(); // div
|
| 133 |
- |
278 |
$xh->insert_code(productTableEventListeners());
|
| 65 |
- |
279 |
}
|
|
|
280 |
else if (!empty($_SESSION["discogs"])) {
|
| 127 |
- |
281 |
$xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
|
| 65 |
- |
282 |
}
|
|
|
283 |
else {
|
| 127 |
- |
284 |
$xh->insert_code(startscreen());
|
| 14 |
- |
285 |
}
|
| 127 |
- |
286 |
|
|
|
287 |
$xh->insert_code(printSearchInfoModal());
|
| 65 |
- |
288 |
}
|
| 2 |
- |
289 |
|
| 127 |
- |
290 |
$xh->insert_code(printProgessbarModal());
|
| 14 |
- |
291 |
|
| 128 |
- |
292 |
$xh->insert_code(printSocialIconBar());
|
| 81 |
- |
293 |
|
| 127 |
- |
294 |
$xh->insert_code(htmlFooter());
|
| 2 |
- |
295 |
|
| 127 |
- |
296 |
$xh->insert_code(headerQuoteSlides());
|
|
|
297 |
|
|
|
298 |
$xh->insert_code(downloadAtOnload());
|
|
|
299 |
|
|
|
300 |
$xh->tag('form');
|
|
|
301 |
$xh->add_attribute("type", "hidden");
|
|
|
302 |
$xh->add_attribute("id", "nonce");
|
|
|
303 |
$xh->add_attribute("name", "nonce");
|
|
|
304 |
$xh->add_attribute("value", $_SESSION["nonce"]);
|
|
|
305 |
$xh->single_tag('input');
|
|
|
306 |
$xh->close(); // form
|
|
|
307 |
|
|
|
308 |
$xh->close(); // body
|
|
|
309 |
$xh->close(); // html
|
|
|
310 |
|
|
|
311 |
$html = $xh->flush();
|
|
|
312 |
//error_log(print_r($html, 1));
|
|
|
313 |
|
|
|
314 |
echo $html;
|
|
|
315 |
|
|
|
316 |
MySessionHandler::commit(session_id());
|