Subversion Repositories cheapmusic

<?php

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");

include_once($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");

error_reporting(E_ALL);

$userData = [];

$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . "/../MyFiles/config/cheapmusic.ini", true);

$crypt = Cryptor::getInstance($configFile['cryptor']);

$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);

$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);

$vendors = Vendors::getInstance();

$vendors->setVendor($configFile['ebay'], Vendors::EBAY);

$vendors->setVendor($configFile['discogs'], Vendors::DISCOGS);

$vendors->setVendor($configFile['linkshare'], Vendors::LINKSHARE);

$vendors->setVendor($configFile['cjaffiliate'], Vendors::CJAFFILIATE);

$vendors->setVendor($configFile['walmart'], Vendors::WALMART);

unset($configFile);

ini_set("session.cookie_httponly", 1);

ini_set("session.cookie_secure", 1);

session_set_save_handler($handler, true);

if (!empty($_COOKIE['PHPSESSID'])) {

    session_id($_COOKIE['PHPSESSID']);

}

session_start();

// Check whether user ID is available in cookie

if(!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash'])){

    require_once 'login/includes/config.php';

    require_once 'login/includes/User.class.php';

    require_once 'login/includes/password.php';

    $user = new User();

    $conditions['where'] = array(

        'id' => $_COOKIE['rememberUserId']

    );

    $conditions['return_type'] = 'single';

    $userData = $user->getRows($conditions);

    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {

        $_SESSION['sessData']['userLoggedIn'] = TRUE;

        $_SESSION['sessData']['userID'] = $_COOKIE['rememberUserId'];

        $_SESSION['buyer']['Zip'] = $userData['zip'];

        $_SESSION['buyer']['Country'] = 'United States';

        $_SESSION['buyer']['Currency'] = 'USD';

        $userPicture = getUserImage($userData);

    } else {

        unsetSessData();

    }

// or if the user has already logged in

} else if (isLoggedIn()) {

    require_once 'login/includes/config.php';

    require_once 'login/includes/User.class.php';

    require_once 'login/includes/password.php';

    $user = new User();

    $conditions['where'] = array(

        'id' => $_SESSION['sessData']['userID']

    );

    $conditions['return_type'] = 'single';

    $userData = $user->getRows($conditions);

    if (!empty($userData)) {

        $userPicture = getUserImage($userData);

        if (!empty($userData['zip'])) {

            $_SESSION['buyer']['Zip'] = $userData['zip'];

            $_SESSION['buyer']['Country'] = 'United States';

            $_SESSION['buyer']['Currency'] = 'USD';

        }

    } else {

        unsetSessData();

    }

// not logged in

} else {

    unsetSessData();

}

?>

<!DOCTYPE html>

<html lang="en-US">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

    <title>Find Cheap Music...</title>

    <meta name="viewport" content="width=device-width, initial-scale=1">

    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">

    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js" integrity="sha384-JUMjoW8OzDJw4oFpWIB2Bu/c6768ObEthBMVSiIx4ruBIEdyNSUQAjJNFqT5pnJ6" crossorigin="anonymous"></script>

    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>

    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>

    <link rel="stylesheet" href="css/style.min.css" integrity="sha384-yJFS3zzJvOVhVghCftxNaWxX2fXRthhi6Fm4jqndvS0mnKH8OkJuPOGsBPvxJDvO" crossorigin="anonymous">

    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.8.1/css/all.css" integrity="sha384-50oBUHEmvpQ+1lW4y57PTFmhCaXp0ML5d60M1M7uH2+nqUivzIebhndOJK28anvf" crossorigin="anonymous">

    <link rel="stylesheet" href="css/jquery.flexdatalist.min.css" integrity="sha384-IUkltzhO8hiEuEm0UJQvWrrtE1xqVHA0NbUeIY7a+zCokg7LqiDf5HSt69ru8a7R" crossorigin="anonymous">

    <script src="js/jquery.flexdatalist.min.js" integrity="sha384-JKZ5fd3wxuyCR/AhbpbYALE2xwlYMGYu0XpsXixX7YOni1G0is+vwTuSMuGGYhnl" crossorigin="anonymous"></script>

    <script src="js/input-clearer.min.js" integrity="sha384-PPIpFAWvzKO0l06o6zNV8tPFHNistosIDKHylKx5kJIM9zceSlJxAScUWQpt02xy" crossorigin="anonymous"></script>

    <script src="js/paginate.min.js" integrity="sha384-sN78hrw/H8RzeS4ete92bJj3Y0lEBeiryHisgrRm/pvsPyGLf0M14Vnm+cRxVchm" crossorigin="anonymous"></script>

    <link href="https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900iSlabo+27px&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese" rel="stylesheet">

</head>

<body>

<?php

initSessionVariables();

if ($_SERVER["REQUEST_METHOD"] == "POST") {

	if ($_POST["submit"] == "Search") {

        if (empty($_SESSION['buyer']['Zip'])) {

    		$zip = (empty($_POST['buyerZip']) ? "" : sanitizeInput($_POST['buyerZip']));

        	if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {

	        	$_SESSION["buyer"]["Zip"] = $zip;

   		    } else if (strlen($zip) == 0) {

        		$_SESSION["buyer"]["Zip"] = "";

	        }

	    }

        $_SESSION["discogsTitle"] = "";

        $_SESSION["discogsArtist"] = "";

		$searchTerm = (empty($_POST['searchTerm']) ? "" : searchFriendlyString($_POST['searchTerm']));

		if (empty($searchTerm)) {

			resetSessionVars();

		} else {

			$_SESSION["searchTerm"] = $searchTerm;

            if (checkSearchFilters()) {

    			performSearch();

    		}

		}

	} else if ($_POST["submit"] == "Save") {

		$_SESSION["filterCondition"]["New"] = checkPV("filterConditionNew");

		$_SESSION["filterCondition"]["Used"] = checkPV("filterConditionUsed");

		$_SESSION["filterMediaType"]["CD"] = checkPV("filterMediaTypeCD");

		$_SESSION["filterMediaType"]["Record"] = checkPV("filterMediaTypeRecord");

		$_SESSION["filterMediaType"]["Digital"] = checkPV("filterMediaTypeDigital");

		$_SESSION["filterMediaType"]["Book"] = checkPV("filterMediaTypeBook");

        $_SESSION["discogsTitle"] = "";

        $_SESSION["discogsArtist"] = "";

		$searchTerm = searchFriendlyString($_POST['searchTerm']);

		if (empty($searchTerm)) {

			resetSessionVars();

		} else {

			$_SESSION["searchTerm"] = $searchTerm;

            if (checkSearchFilters()) {

    			performSearch();

    		}

		}

	} else if ($_POST["submit"] == "discogsSearch") {

        $searchTerm = "";

        if (!empty($_POST['discogsBarcode'])) {

    		$searchTerm = searchFriendlyString($_POST['discogsBarcode']);

        } else {

            if (!empty($_POST['discogsTitle'])) {

                $searchTerm = $_POST['discogsTitle'];

            }

            if (!empty($_POST['discogsArtist'])) {

                $searchTerm .= " " . $_POST['discogsArtist'];

            }

            $searchTerm = trim($searchTerm);

        }

		if (empty($searchTerm)) {

			resetSessionVars();

		} else {

			$_SESSION["searchTerm"] = $searchTerm;

            if (isset($_POST['discogsTitle'])) {

                $_SESSION["discogsTitle"] = searchFriendlyString($_POST['discogsTitle']);

            }

            if (isset($_POST['discogsArtist'])) {

                $_SESSION["discogsArtist"] = searchFriendlyString($_POST['discogsArtist']);

            }

            if (checkSearchFilters()) {

    			performSearch();

    		}

		}

	} else if ($_POST["submit"] == "discogsWishlist") {

        addWishlist(json_decode(base64_decode($_POST['discogsWishlist'])));

	} else if (in_array($_POST["submit"], $buttonArr)) {

		$_SESSION["currentView"] = $_POST["submit"];

		filterResults();

	}

} else if ($_SERVER["REQUEST_METHOD"] == "GET") {

	if (isset($_GET['z'])) {

    	$_SESSION["buyer"]["Zip"] = "";

		$zip = sanitizeInput($_GET['z']);

		if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {

			$_SESSION["buyer"]["Zip"] = $zip;

		}

	}

    $_SESSION["searchTerm"] = "";

	if (isset($_GET['q'])) {

		$_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);

        if (checkSearchFilters()) {

    		performSearch();

    	}

	}

}

?>

    <form method="post" action="/index.php">

        <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

       	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"];?>">

        <nav class="navbar navbar-expand-sm bg-dark navbar-dark">

            <div class="navbar-header">

                <span class="navbar-brand"><button type="submit" name="submit" value="Search" class="nav-link btn text-white">Find Cheap Music</button></span>

            </div>

            <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">

                <span class="navbar-toggler-icon"></span>

            </button>

            <div class="collapse navbar-collapse" id="collapsibleNavbar">

                <ul class="navbar-nav mr-auto">

                    <li class="nav-item">

                        <button type="submit" name="submit" value="Search" class="nav-link btn"><i class="fas fa-home"></i></button>

                    </li>

                    <?php if (isLoggedIn()) { ?>

                        <li class="nav-item">

                            <button type="submit" name="submit" value="coupons" class="nav-link btn">Coupons</button>

                        </li>

                        <li class="nav-item">

                            <button type="submit" name="submit" value="wishlist" class="nav-link btn">Wishlist</button>

                        </li>

                    <?php } ?>

                    <li class="nav-item">

                        <button type="submit" name="submit" value="terms" class="nav-link btn">Terms of Service</button>

                    </li>

                    <li class="nav-item">

                        <button type="submit" name="submit" value="privacy" class="nav-link btn">Privacy Policy</button>

                    </li>

                </ul>

                <ul class="navbar-nav">

                    <?php if (!isLoggedIn()) { ?>

                    <li class="nav-item">

                        <a href="/login/index.php" class="nav-link btn"><i class='fas fa-sign-in-alt'></i> Login</a>

                    </li>

                    <?php } else { ?>

                        <li class="nav-item">

                            <img class="img-fluid hide-extra-small hide-small user-img" src="<?php echo $userPicture ?>" alt="User Image">

                        </li>

                        <li class="nav-item dropdown">

                          <a class="nav-link dropdown-toggle" href="#" id="navbardrop" data-toggle="dropdown"><i class="fas fa-user-cog"></i> Account</a>

                          <div class="dropdown-menu dropdown-menu-right">

                              <button formaction="/login/account.php" type="submit" name="submit" value="account" class="dropdown-item btn"><i class="fas fa-info-circle"></i> Information</button>

                              <button formaction="/login/editAccount.php" type="submit" name="submit" value="editAccount" class="dropdown-item btn"><i class="fas fa-edit"></i> Edit Account</button>

                              <?php if (empty($_SESSION['sessData']['loginType']) || $_SESSION['sessData']['loginType'] != 'social') { ?>

                                  <button formaction="/login/changePassword.php" type="submit" name="submit" value="changePassword" class="dropdown-item btn"><i class="fas fa-key"></i> Change Password</button>

                              <?php } ?>

                              <button formaction="/login/userAccount.php?logoutSubmit=1" type="submit" name="submit" value="logout" class="dropdown-item btn"><i class='fas fa-sign-out-alt'></i> Logout</button>

                          </div>

                        </li>

                    <?php } ?>

                </ul>

            </div>

        </nav>

    </form>

    <div class="page-header bg-primary">

        <div class="container text-center py-3">

        <?php

            if (getPGV('submit') == "terms") {

                echo file_get_contents('snippets/headerTerms.txt');

            } else if (getPGV('submit') == "privacy") {

                echo file_get_contents('snippets/headerPrivacy.txt');

            } else if (getPGV('submit') == "coupons") {

                echo file_get_contents('snippets/headerCoupons.txt');

            } else if (getPGV('submit') == "wishlist") {

                echo file_get_contents('snippets/headerWishlist.txt');

            } else {

                echo '<p id="textslide" class="d-none d-sm-block">FindCheapMusic.com</p>';

            }

        ?>

        </div>

    </div>

	<div class="container-fluid bg-primary py-3">

        <?php

        if (!in_array(getPGV('submit'), array("terms", "privacy", "coupons", "wishlist"))) {

            echo $_SESSION["filterWarnings"];

        }

        ?>

        <form <?php if (in_array(getPGV('submit'), array("terms", "privacy", "coupons", "wishlist"))) {echo "hidden";} ?> method="post" action="/index.php" class="form-inline"

            onsubmit="if (document.getElementById('searchTerm').value != '') { progressBar('Searching for:<br>' + document.getElementById('searchTerm').value);document.getElementById('searchBtn').innerHTML = '&lt;span class=\'spinner-border spinner-border-sm\'&gt;&lt;/span&gt; Searching, please wait...'; }">

            <input id="sessionId" type="hidden" name="sessionId" value="<?php echo session_id(); ?>">

            <input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

        	<div class="form-group">

                <div class="btn-group">

                    <button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal" data-toggle2="tooltip" title="Search Tips"><i class="fas fa-info-circle btn-search"></i></button>

                    <button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#filterModal" data-keyboard="false" data-toggle2="tooltip" title="Search Filter"><i class="fas fa-filter btn-search"></i></button>

                    <div class="btn-group">

                        <button class="btn dropdown-toggle <?php echo ($_SESSION["buyer"]["Zip"] == '' ? "bg-warning" : "input-group-text"); ?> mx-1 rounded" type="button" data-toggle="dropdown" data-toggle2="tooltip" title="<?php echo ($_SESSION["buyer"]["Zip"] == '' ? "Please enter your postal code to get the accurate shipping cost for items listed using a shipping rate table." : "Shipping to"); ?>"><i class="fas fa-shipping-fast btn-search"></i></button>

                        <div class="dropdown-menu">

                            <div class="form-inline">

                                <label class="m-2">Shipping to:</label>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="20" style="width:12em!important" id="buyerCountry" name="buyerCountry" value="United States" readonly>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="3" style="width:3.5em!important" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="5" style="width:5.5em!important" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo $_SESSION["buyer"]["Zip"];?>">

                            </div>

                        </div>

                    </div>

                </div>

        	</div>

        	<div class="form-group mx-1">

        	    <input id="searchTerm" list="searchHistory" name="searchTerm" type="text" class="form-control flexdatalist searchTerm-width" placeholder="Search by Barcode, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">

        	    <datalist id="searchHistory">

            	    <?php echo getSearchHistory(); ?>

            	</datalist>

            </div>

        	<div class="form-group">

                <button id="searchBtn" type="submit" class="btn btn-success mx-1 rounded" name="submit" value="Search">Go</button>

            </div>

        </form>

    </div>

    <?php

    if (getPGV('submit') == "terms") {

        echo file_get_contents('snippets/terms.txt');

    } else if (getPGV('submit') == "privacy") {

        echo file_get_contents('snippets/privacy.txt');

    } else if (getPGV('submit') == "coupons") {

        //get_linkshareCoupons(); // bugbug

        echo getCouponCodes();

    } else if (getPGV('submit') == "wishlist") {

        echo getWishlist();

    } else if (getPGV('submit') == "random") {

        if (!empty($_SESSION['wishlistAdd'])) {

            echo $_SESSION['wishlistAdd'];

            $_SESSION['wishlistAdd'] = '';

        }

        findDiscogsMaster("***RANDOM***");

        echo $_SESSION["discogs"];

    } else {

        if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {

            if (!empty($_SESSION['wishlistAdd'])) {

                echo $_SESSION['wishlistAdd'];

                $_SESSION['wishlistAdd'] = '';

            }

            echo $_SESSION["discogs"];

	        echo "<div id=\"productTable\">";

            echo printTableHeader();

            echo buildTable();

            echo "</div>";

        } else if (!empty($_SESSION["discogs"])) {

            if (!empty($_SESSION['wishlistAdd'])) {

                echo $_SESSION['wishlistAdd'];

                $_SESSION['wishlistAdd'] = '';

            }

            echo $_SESSION["discogs"];

        } else {

             ?>

    <div class="container-fluid text-center">

    <form method="post" action="/index.php">

        <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

       	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"];?>">

        <button id="randomBtn" type="submit" class="btn btn-success mt-5 rounded" name="submit" value="random">Random Album Suggestions</button>

    </form>

    </div>

        <?php }

        echo printSearchFilterModal();

        echo printSearchInfoModal();

    }

    ?>

    <div class="modal" id="progressBarDiv">

        <div class="modal-dialog modal-dialog-centered">

            <div class="modal-content">

                <div class="modal-header">

                    <h4 id="progressBarHeader">Searching</h4>

                </div>

                <div class="modal-body">

                    <div class="progress">

                        <div id="progressBar" class="progress-bar" style="width:0%">0%</div>

                    </div>

                </div>

                <div class="modal-footer">

                    <span id="progressBarMessage"></span>

                </div>

            </div>

        </div>

    </div>

    <footer class="container-fluid text-center bg-primary py-5 mt-5">

        <?php if (!empty($_SESSION["searchTerm"])) {

            echo "<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>";

        }

        ?>

        <form method="post" action="/index.php">

            <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	    <input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

           	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"];?>">

            <ul class="list-inline text-center">

                <li class="list-inline-item">

                    <button class="btn btn-sm bg-light" type="submit" name="submit" value="terms">Terms of Service</button>

                </li>

                <li class="list-inline-item">

                    <button class="btn btn-sm bg-light" type="submit" name="submit" value="privacy">Privacy Policy</button>

                </li>

            </ul>

        </form>

        <p>Copyright &#169; <?php echo @date("Y"); ?> FindCheapMusic.com. All rights reserved.</p>

    </footer>

    <script src="js/dr.min.js" integrity="sha384-FL/VpjCnfHGWtXwxie9wD7sUL0dH7754e5+41/shx9YaRujt5F7lf7OXXFuzB9Y8" crossorigin="anonymous"></script>

    <script>var quotes = [

    <?php

        if ($file = fopen("snippets/header.txt", "r")) {

            while (($line = fgets($file)) !== false) {

                echo "\"" . trim($line) . "\",";

            }

            fclose($file);

        }

     ?>

    ]; var i = 0; setInterval(function() { $("#textslide").html(quotes[i]); if (i == quotes.length) i=0; else i++; }, 5 * 1000);</script>

</body>

</html>

<?php MySessionHandler::commit(session_id()); ?>