WebSVN – cheapmusic – Blame – /www/index.php

Rev	Author	Line No.	Line
2	-	1	`<?php`
7	-	2	`include_once('php/sessions_db.php');`
		3	`include_once('php/cryptor.php');`
9	-	4	`include_once('php/vendors.php');`
7	-	5
9	-	6	`error_reporting(E_ALL);`
		7
2	-	8	`if ($_SERVER["SERVER_NAME"] == "www.findcheapmusic.com") {`
14	-	9	`ini_set("zlib.output_compression", "On");`
5	-	10	`header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");`
		11	`header("X-Content-Type-Options: nosniff");`
		12	`header("X-XSS-Protection: 1; mode=block");`
		13	`header("Access-Control-Allow-Origin: *");`
		14	`header("Referrer-Policy: no-referrer");`
		15	`header("X-Frame-Options: SAMEORIGIN");`
		16	`header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");`
17	-	17	header("Content-Security-Policy: default-src 'none'; connect-src 'self'; font-src https://use.fontawesome.com; form-action 'self'; img-src 'self' data: https://img.discogs.com https://thumbs1.ebaystatic.com https://thumbs2.ebaystatic.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ https://use.fontawesome.com/releases/v5.8.1/css/ ;frame-ancestors 'self'");
2	-	18	`}`
		19
7	-	20	`$configFile = parse_ini_file("../MyFiles/config/cheapmusic.ini",true);`
		21	`$crypt = Cryptor::getInstance($configFile['cryptor']);`
		22	`$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);`
		23	`$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);`
9	-	24	`$vendors = Vendors::getInstance();`
		25	`$vendors->setVendor($configFile['ebay'], Vendors::EBAY);`
		26	`$vendors->setVendor($configFile['discogs'], Vendors::DISCOGS);`
7	-	27	`unset($configFile);`
		28
2	-	29	`ini_set("session.cookie_httponly", 1);`
		30	`ini_set("session.cookie_secure", 1);`
7	-	31	`session_set_save_handler($handler, true);`
2	-	32	`session_start();`
		33	`?>`
		34	`<!DOCTYPE html>`
		35	`<html lang="en-US">`
		36	`<head>`
		37	`<meta http-equiv="Content-Type" content="text/html; charset=utf-8">`
		38	`<title>Find Cheap Music...</title>`
		39	`<meta name="viewport" content="width=device-width, initial-scale=1">`
		40	`<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">`
		41	`<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js" integrity="sha384-JUMjoW8OzDJw4oFpWIB2Bu/c6768ObEthBMVSiIx4ruBIEdyNSUQAjJNFqT5pnJ6" crossorigin="anonymous"></script>`
		42	`<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>`
		43	`<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>`
17	-	44	`<link rel="stylesheet" href="css/style.min.css" integrity="sha384-DzemQzfUoA/IrBbofMxHl15KiUNkl2dgTpt0jDKP/K1KVA6Fe7wSZRpaoeo1yjhV" crossorigin="anonymous">`
3	-	45	`<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.1/css/all.css" integrity="sha384-50oBUHEmvpQ+1lW4y57PTFmhCaXp0ML5d60M1M7uH2+nqUivzIebhndOJK28anvf" crossorigin="anonymous">`
17	-	46	`<link rel="stylesheet" href="css/jquery.flexdatalist.min.css" integrity="sha384-IUkltzhO8hiEuEm0UJQvWrrtE1xqVHA0NbUeIY7a+zCokg7LqiDf5HSt69ru8a7R" crossorigin="anonymous">`
		47	`<script src="js/jquery.flexdatalist.min.js" integrity="sha384-JKZ5fd3wxuyCR/AhbpbYALE2xwlYMGYu0XpsXixX7YOni1G0is+vwTuSMuGGYhnl" crossorigin="anonymous"></script>`
2	-	48	`<!-- Global site tag (gtag.js) - Google Analytics -->`
		49	`<!--script async src="https://www.googletagmanager.com/gtag/js?id=UA-138428761-2"></script-->`
		50	`<!--script src="/js/gtag.js" integrity="sha384-ZoAmOe9K3AXr6ONEK6njtE/HMsMvyjck9EfsgXdZLG7rEiz5GqXEk3RQc2cFIRNY" crossorigin="anonymous"></script-->`
		51	`</head>`
		52	`<body>`
		53
		54	`<?php`
		55	`include_once('php/tools.php');`
		56
5	-	57	`initSessionVariables();`
2	-	58
		59	`if ($_SERVER["REQUEST_METHOD"] == "POST") {`
5	-	60	`if ($_POST["submit"] == "Search") {`
		61	`$zip = sanitizeInput($_POST['buyerZip']);`
		62	`if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {`
		63	`$_SESSION["buyer"]["Zip"] = $zip;`
		64	`} else if (strlen($zip) == 0) {`
		65	`$_SESSION["buyer"]["Zip"] = "";`
		66	`}`
2	-	67
14	-	68	`$searchTerm = searchFriendlyString($_POST['searchTerm']);`
9	-	69	`if (empty($searchTerm)) {`
		70	`resetSessionVars();`
5	-	71	`} else {`
9	-	72	`$_SESSION["searchTerm"] = $searchTerm;`
2	-	73
5	-	74	`if (checkSearchFilters()) {`
		75	`performSearch();`
		76	`}`
		77	`}`
		78	`} else if ($_POST["submit"] == "Save") {`
		79	`$_SESSION["filterCondition"]["New"] = checkPV("filterConditionNew");`
		80	`$_SESSION["filterCondition"]["Used"] = checkPV("filterConditionUsed");`
		81	`$_SESSION["filterMediaType"]["CD"] = checkPV("filterMediaTypeCD");`
		82	`$_SESSION["filterMediaType"]["Record"] = checkPV("filterMediaTypeRecord");`
		83	`$_SESSION["filterMediaType"]["Digital"] = checkPV("filterMediaTypeDigital");`
2	-	84
5	-	85	`if (checkSearchFilters()) {`
		86	`performSearch();`
		87	`}`
14	-	88	`} else if ($_POST["submit"] == "discogsSearch") {`
		89	`$searchTerm = searchFriendlyString($_POST['discogsSearchTerm']);`
		90	`if (empty($searchTerm)) {`
		91	`resetSessionVars();`
		92	`} else {`
		93	`$_SESSION["searchTerm"] = $searchTerm;`
		94
		95	`if (checkSearchFilters()) {`
		96	`performSearch();`
		97	`}`
		98	`}`
5	-	99	`} else if (in_array($_POST["submit"], $buttonArr)) {`
		100	`$_SESSION["currentView"] = $_POST["submit"];`
		101	`filterResults();`
		102	`}`
		103	`} else if ($_SERVER["REQUEST_METHOD"] == "GET") {`
		104	`if (isset($_GET['z'])) {`
9	-	105	`$_SESSION["buyer"]["Zip"] = "";`
5	-	106	`$zip = sanitizeInput($_GET['z']);`
		107	`if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {`
		108	`$_SESSION["buyer"]["Zip"] = $zip;`
		109	`}`
		110	`}`
2	-	111
9	-	112	`$_SESSION["searchTerm"] = "";`
5	-	113	`if (isset($_GET['q'])) {`
14	-	114	`$_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);`
5	-	115	`if (checkSearchFilters()) {`
		116	`performSearch();`
		117	`}`
		118	`}`
2	-	119	`}`
		120	`?>`
		121
14	-	122	`<form method="post" action="/index.php">`
		123	`<input type="hidden" name="sessionTab" value="<?php echo $handler->getSessionTab(); ?>">`
		124	`<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">`
		125	`<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"];?>">`
		126	`<nav class="navbar navbar-expand-sm bg-dark navbar-dark">`
		127	`<button type="submit" name="submit" value="Search" class="navbar-brand btn">Home</button>`
		128	`<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">`
		129	`<span class="navbar-toggler-icon"></span>`
		130	`</button>`
		131	`<div class="collapse navbar-collapse" id="collapsibleNavbar">`
		132	`<ul class="navbar-nav">`
		133	`<li class="nav-item">`
15	-	134	`<button type="submit" name="submit" value="terms" class="nav-link btn">Terms of Service</button>`
14	-	135	`</li>`
		136	`<li class="nav-item">`
15	-	137	`<button type="submit" name="submit" value="privacy" class="nav-link btn">Privacy Policy</button>`
14	-	138	`</li>`
		139	`</ul>`
		140	`</div>`
		141	`</nav>`
		142	`</form>`
2	-	143
3	-	144	`<div class="page-header bg-primary">`
		145	`<div class="container text-center py-3">`
14	-	146	`<?php`
		147	`if (getPV('submit') == "terms") {`
		148	`echo file_get_contents('snippets/headerTerms.txt');`
		149	`} else if (getPV('submit') == "privacy") {`
		150	`echo file_get_contents('snippets/headerPrivacy.txt');`
		151	`} else {`
		152	`echo file_get_contents('snippets/header.txt');`
		153	`}`
		154	`?>`
2	-	155	`</div>`
		156	`</div>`
		157
3	-	158	`<div class="container-fluid bg-primary py-3">`
5	-	159	`<?php`
14	-	160	`if (!in_array(getPV('submit'), array("terms", "privacy"))) {`
5	-	161	`echo $_SESSION["filterWarnings"];`
14	-	162	`}`
5	-	163	`?>`
17	-	164	`<form <?php if (in_array(getPV('submit'), array("terms", "privacy"))) {echo "hidden";} ?> method="post" action="/index.php" class="form-inline"`
15	-	165	`onsubmit="progressBar('Searching for ' + document.getElementById('searchTerm').value);document.getElementById('searchBtn').innerHTML = '<span class=\'spinner-border spinner-border-sm\'></span> Searching, please wait...';">`
		166	`<input id="sessionId" type="hidden" name="sessionId" value="<?php echo session_id(); ?>">`
11	-	167	`<input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo $handler->getSessionTab(); ?>">`
17	-	168	`<div class="form-group">`
		169	`<div class="btn-group">`
		170	`<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal" data-toggle2="tooltip" title="Search Tips"><i class="fas fa-info-circle" style="font-size:25px"></i></button>`
		171	`<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#filterModal" data-keyboard="false" data-toggle2="tooltip" title="Search Filter"><i class="fas fa-filter" style='font-size:25px'></i></button>`
		172	`<div class="btn-group">`
		173	`<button class="btn dropdown-toggle <?php echo ($_SESSION["buyer"]["Zip"] == '' ? "bg-warning" : "input-group-text"); ?> mx-1 rounded" type="button" data-toggle="dropdown" data-toggle2="tooltip" title="<?php echo ($_SESSION["buyer"]["Zip"] == '' ? "Please enter your postal code to get the accurate shipping cost for items listed using a shipping rate table." : "Shipping to"); ?>"><i class="fas fa-shipping-fast" style='font-size:25px'></i></button>`
		174	`<div class="dropdown-menu">`
		175	`<div class="form-inline">`
		176	`<label class="m-2">Shipping to:</label>`
		177	`<input type="text" class="form-control form-control-sm m-2" maxlength="20" style="width:12em!important" id="buyerCountry" name="buyerCountry" value="United States" readonly>`
		178	`<input type="text" class="form-control form-control-sm m-2" maxlength="3" style="width:3.5em!important" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>`
		179	`<input type="text" class="form-control form-control-sm m-2" maxlength="5" style="width:5.5em!important" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo $_SESSION["buyer"]["Zip"];?>">`
		180	`</div>`
		181	`</div>`
		182	`</div>`
2	-	183	`</div>`
		184	`</div>`
17	-	185	`<div class="form-group">`
		186	`<input id="searchTerm" list="searchHistory" name="searchTerm" type="text" class="form-control mx-1 rounded flexdatalist searchTerm-width" placeholder="Search by Barcode, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">`
		187	`<datalist id="searchHistory">`
		188	`<?php echo getSearchHistory(); ?>`
		189	`</datalist>`
		190	`</div>`
		191	`<div class="form-group">`
		192	`<button id="searchBtn" type="submit" class="btn btn-success mx-1 rounded" name="submit" value="Search">Go</button>`
		193	`</div>`
2	-	194	`</form>`
		195	`</div>`
		196
5	-	197	`<?php`
14	-	198	`if (getPV('submit') == "terms") {`
		199	`echo file_get_contents('snippets/terms.txt');`
		200	`} else if (getPV('submit') == "privacy") {`
		201	`echo file_get_contents('snippets/privacy.txt');`
		202	`} else {`
9	-	203	`if ($_SESSION["lowestPrice"]["All"] > 0.00 \|\| !empty($_SESSION["searchTerm"])) {`
12	-	204	`echo $_SESSION["discogs"];`
11	-	205	`echo "<div id=\"productTable\">";`
9	-	206	`echo printTableHeader();`
		207	`echo buildTable();`
11	-	208	`echo "</div>";`
9	-	209	`}`
5	-	210	`echo printSearchFilterModal();`
		211	`echo printSearchInfoModal();`
14	-	212	`session_commit();`
		213	`}`
5	-	214	`?>`
2	-	215
14	-	216	`<div class="modal" id="progressBarDiv">`
17	-	217	`<div class="modal-dialog modal-dialog-centered">`
14	-	218	`<div class="modal-content">`
		219	`<div class="modal-header">`
15	-	220	`<h4 id="progressBarHeader">Searching</h4>`
14	-	221	`</div>`
		222	`<div class="modal-body">`
		223	`<div class="progress">`
		224	`<div id="progressBar" class="progress-bar" style="width:0%">0%</div>`
		225	`</div>`
		226	`</div>`
15	-	227	`<div class="modal-footer">`
		228	`<span id="progressBarMessage"></span>`
		229	`</div>`
14	-	230	`</div>`
		231	`</div>`
		232	`</div>`
		233
2	-	234	`<footer class="container-fluid text-center">`
		235	`<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>`
17	-	236	`<p>Copyright © <?php echo @date("Y"); ?> FindCheapMusic.com. All rights reserved.</p>`
2	-	237	`</footer>`
		238
17	-	239	`<script src="/js/dr.min.js" integrity="sha384-QHJ82vZK8kX9qbYGNWfTHLhpe5Glh3c+r98YAjl4xJNtxM8wp2m4K6eVudB0MTnC" crossorigin="anonymous"></script>`
2	-	240	`</body>`
		241	`</html>`

Subversion Repositories cheapmusic

(root)/www/index.php – Rev 17