Subversion Repositories cheapmusic

<?php

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");

include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");

error_reporting(E_ALL);

$userData = [];

$userTheme = 'default';

$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);

$crypt = Cryptor::getInstance($configFile['cryptor']);

$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);

$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);

$vendors = Vendors::getInstance();

$vendors->setVendor($configFile['ebay'], Vendors::EBAY);

$vendors->setVendor($configFile['discogs'], Vendors::DISCOGS);

$vendors->setVendor($configFile['linkshare'], Vendors::LINKSHARE);

$vendors->setVendor($configFile['cjaffiliate'], Vendors::CJAFFILIATE);

$vendors->setVendor($configFile['walmart'], Vendors::WALMART);

$vendors->setVendor($configFile['itunes'], Vendors::ITUNES);

$vendors->setVendor($configFile['amazon'], Vendors::AMAZON);

unset($configFile);

ini_set("session.cookie_httponly", 1);

ini_set("session.cookie_secure", 1);

session_set_save_handler($handler, true);

if (!empty($_COOKIE['PHPSESSID'])) {

    session_id($_COOKIE['PHPSESSID']);

}

session_start();

// Check whether user ID is available in cookie

if (!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash']) && empty($_SESSION['sessData']['loginType'])) {

    require_once 'login/includes/config.php';

    require_once 'login/includes/User.class.php';

    require_once 'login/includes/password.php';

    $user = new User();

    $conditions['where'] = array(

        'id' => $_COOKIE['rememberUserId']

    );

    $conditions['return_type'] = 'single';

    $userData = $user->getRows($conditions);

    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {

        $_SESSION['sessData']['userLoggedIn'] = true;

        $_SESSION['sessData']['userID'] = $_COOKIE['rememberUserId'];

        $userPicture = getUserImage($userData);

        $userTheme = $userData['theme'];

        $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');

        if (empty($_SESSION["manualFilter"])) {

            $_SESSION['buyer']['Zip'] = $userData['zip'];

            $_SESSION['buyer']['Country'] = 'United States';

            $_SESSION['buyer']['Currency'] = 'USD';

            $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];

            $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];

            $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];

            $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];

            $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];

            $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];

        }

    }

    else {

        unsetSessData();

    }

    // or if the user has already logged in

}

else if (isLoggedIn()) {

    require_once 'login/includes/config.php';

    require_once 'login/includes/User.class.php';

    require_once 'login/includes/password.php';

    $user = new User();

    $conditions['where'] = array(

        'id' => $_SESSION['sessData']['userID']

    );

    $conditions['return_type'] = 'single';

    $userData = $user->getRows($conditions);

    if (!empty($userData)) {

        $userPicture = getUserImage($userData);

        $userTheme = $userData['theme'];

        $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');

        if (empty($_SESSION["manualFilter"])) {

            $_SESSION['buyer']['Zip'] = $userData['zip'];

            $_SESSION['buyer']['Country'] = 'United States';

            $_SESSION['buyer']['Currency'] = 'USD';

            $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];

            $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];

            $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];

            $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];

            $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];

            $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];

        }

    }

    else {

        unsetSessData();

    }

    // not logged in

}

else {

    unsetSessData();

}

checkPriceMonitor();

?>

<!DOCTYPE html>

<html lang="en-US">

<head>

    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

    <title>Find Cheap Music... CDs, Records, Digital, Books and Sheets</title>

    <meta name="viewport" content="width=device-width, initial-scale=1">

    <?php include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/header.php"); ?>

    <link rel="stylesheet" href="/css/jquery.flexdatalist.min.css" integrity="sha384-IUkltzhO8hiEuEm0UJQvWrrtE1xqVHA0NbUeIY7a+zCokg7LqiDf5HSt69ru8a7R" crossorigin="anonymous">

    <script src="/js/jquery.flexdatalist.min.js" integrity="sha384-JKZ5fd3wxuyCR/AhbpbYALE2xwlYMGYu0XpsXixX7YOni1G0is+vwTuSMuGGYhnl" crossorigin="anonymous"></script>

    <script src="/js/input-clearer.min.js" integrity="sha384-PPIpFAWvzKO0l06o6zNV8tPFHNistosIDKHylKx5kJIM9zceSlJxAScUWQpt02xy" crossorigin="anonymous"></script>

    <script src="/js/paginate.min.js" integrity="sha384-sN78hrw/H8RzeS4ete92bJj3Y0lEBeiryHisgrRm/pvsPyGLf0M14Vnm+cRxVchm" crossorigin="anonymous"></script>

    <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">

    <link rel="icon" href="/favicon.ico" type="image/x-icon">

</head>

<body>

<?php

initSessionVariables();

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    if ($_POST["submit"] == "Search") {

        if (empty($_SESSION['buyer']['Zip'])) {

            $zip = (empty($_POST['buyerZip']) ? "" : sanitizeInput($_POST['buyerZip']));

            if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {

                if ($_SESSION["buyer"]["Zip"] != $zip) {

                    $_SESSION["manualFilter"] = true;

                    $_SESSION["buyer"]["Zip"] = $zip;

                }

            }

            else if (strlen($zip) == 0) {

                $_SESSION["buyer"]["Zip"] = "";

            }

        }

        $_SESSION["discogsTitle"] = "";

        $_SESSION["discogsArtist"] = "";

        $searchTerm = (empty($_POST['searchTerm']) ? "" : searchFriendlyString($_POST['searchTerm']));

        if (empty($searchTerm)) {

            resetSessionVars();

        }

        else {

            $_SESSION["searchTerm"] = $searchTerm;

            if (checkSearchFilters()) {

                performSearch();

            }

        }

    }

    else if ($_POST["submit"] == "Save") {

        $_SESSION["manualFilter"] = true;

        if (!isset($_POST["filterCondition"])) {$_POST["filterCondition"] = []; }

        if (!is_array($_POST["filterCondition"])) { $_POST["filterCondition"] = [ $_POST["filterCondition"] ];}

        $_SESSION["filterCondition"]["New"] = in_array("New", $_POST["filterCondition"]);

        $_SESSION["filterCondition"]["Used"] = in_array("Used", $_POST["filterCondition"]);

        if (!isset($_POST["filterMediaType"])) {$_POST["filterMediaType"] = []; }

        if (!is_array($_POST["filterMediaType"])) { $_POST["filterMediaType"] = [ $_POST["filterMediaType"] ];}

        $_SESSION["filterMediaType"]["CD"] = in_array("CD", $_POST["filterMediaType"]);

        $_SESSION["filterMediaType"]["Record"] = in_array("Record", $_POST["filterMediaType"]);

        $_SESSION["filterMediaType"]["Digital"] = in_array("Digital", $_POST["filterMediaType"]);

        $_SESSION["filterMediaType"]["Book"] = in_array("Book", $_POST["filterMediaType"]);

        $_SESSION["discogsTitle"] = "";

        $_SESSION["discogsArtist"] = "";

        $searchTerm = searchFriendlyString($_POST['searchTerm']);

        if (empty($searchTerm)) {

            resetSessionVars();

        }

        else {

            $_SESSION["searchTerm"] = $searchTerm;

            if (checkSearchFilters()) {

                performSearch();

            }

        }

    }

    else if ($_POST["submit"] == "discogsSearch") {

        $searchTerm = "";

        if (!empty($_POST['discogsBarcode'])) {

            $searchTerm = searchFriendlyString($_POST['discogsBarcode']);

        }

        else {

            if (!empty($_POST['discogsTitle'])) {

                $searchTerm = $_POST['discogsTitle'];

            }

            if (!empty($_POST['discogsArtist'])) {

                $searchTerm .= " " . $_POST['discogsArtist'];

            }

            $searchTerm = trim($searchTerm);

        }

        if (empty($searchTerm)) {

            resetSessionVars();

        }

        else {

            $_SESSION["searchTerm"] = $searchTerm;

            if (isset($_POST['discogsTitle'])) {

                $_SESSION["discogsTitle"] = searchFriendlyString($_POST['discogsTitle']);

            }

            if (isset($_POST['discogsArtist'])) {

                $_SESSION["discogsArtist"] = searchFriendlyString($_POST['discogsArtist']);

            }

            if (checkSearchFilters()) {

                performSearch();

            }

        }

    }

    else if ($_POST["submit"] == "unsubscribe") {

// bugbug

    }

    else if (in_array($_POST["submit"], $buttonArr)) {

        $_SESSION["currentView"] = $_POST["submit"];

        filterResults();

    }

}

else if ($_SERVER["REQUEST_METHOD"] == "GET") {

    if (isset($_GET['z'])) {

        $_SESSION["buyer"]["Zip"] = "";

        $zip = sanitizeInput($_GET['z']);

        if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {

            $_SESSION["buyer"]["Zip"] = $zip;

        }

    }

    $_SESSION["searchTerm"] = "";

    if (isset($_GET['q'])) {

        $_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);

        if (checkSearchFilters()) {

            performSearch();

        }

    }

}

?>

    <form method="post" action="/index.php">

        <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

       	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"]; ?>">

        <nav class="navbar navbar-expand-sm bg-black navbar-dark fixed-top">

            <div class="navbar-header">

                <button type="submit" name="submit" value="Search" class="btn text-white">Find Cheap Music</button>

            </div>

            <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">

                <span class="navbar-toggler-icon"></span>

            </button>

            <div class="collapse navbar-collapse" id="collapsibleNavbar">

                <ul class="navbar-nav mr-auto">

                    <li class="nav-item">

                        <button type="submit" name="submit" value="Search" class="nav-link btn"><i class="fas fa-home"></i></button>

                    </li>

                    <?php if (isLoggedIn()) { ?>

                        <li class="nav-item">

                            <button type="submit" name="submit" value="coupons" class="nav-link btn">Coupons</button>

                        </li>

                        <li class="nav-item">

                            <button type="submit" name="submit" value="wishlist" class="nav-link btn">Wishlist

                            <?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<scan class="badge badge-pill badge-light">New</scan>'; } ?>

                            </button>

                        </li>

                    <?php

} ?>

                    <li class="nav-item">

                        <button type="submit" name="submit" value="terms" class="nav-link btn">Terms of Service</button>

                    </li>

                    <li class="nav-item">

                        <button type="submit" name="submit" value="privacy" class="nav-link btn">Privacy Policy</button>

                    </li>

                    <li class="nav-item">

                        <button type="submit" name="submit" value="help" class="nav-link btn"><i class="far fa-question-circle"></i></button>

                    </li>

                </ul>

                <ul class="navbar-nav">

                    <?php if (!isLoggedIn()) { ?>

                    <li class="nav-item">

                        <a href="/login/index.php" class="nav-link btn"><i class='fas fa-sign-in-alt'></i> Login</a>

                    </li>

                    <?php

}

else { ?>

                        <li class="nav-item">

                            <img class="img-fluid hide-extra-small hide-small user-img" src="<?php echo $userPicture ?>" alt="User Image">

                        </li>

                        <li class="nav-item dropdown">

                          <a class="nav-link dropdown-toggle" href="#" id="navbardrop" data-toggle="dropdown"><i class="fas fa-user-cog"></i> Account</a>

                          <div class="dropdown-menu dropdown-menu-right">

                              <button formaction="/login/account.php" type="submit" name="submit" value="account" class="dropdown-item btn"><i class="fas fa-info-circle"></i> Information</button>

                              <button formaction="/login/editAccount.php" type="submit" name="submit" value="editAccount" class="dropdown-item btn"><i class="fas fa-edit"></i> Edit Account</button>

                              <?php if (empty($_SESSION['sessData']['loginType']) || $_SESSION['sessData']['loginType'] != 'social') { ?>

                                  <button formaction="/login/changePassword.php" type="submit" name="submit" value="changePassword" class="dropdown-item btn"><i class="fas fa-key"></i> Change Password</button>

                              <?php

    } ?>

                              <button formaction="/login/userAccount.php?logoutSubmit=1" type="submit" name="submit" value="logout" class="dropdown-item btn"><i class='fas fa-sign-out-alt'></i> Logout</button>

                          </div>

                        </li>

                    <?php

} ?>

                </ul>

            </div>

        </nav>

    </form>

    <div class="page-header bg-primary">

        <div class="container text-center py-3">

        <?php

if (getPGV('submit') == "terms") {

    echo file_get_contents('snippets/headerTerms.txt');

}

else if (getPGV('submit') == "privacy") {

    echo file_get_contents('snippets/headerPrivacy.txt');

}

else if (getPGV('submit') == "coupons") {

    echo file_get_contents('snippets/headerCoupons.txt');

}

else if (getPGV('submit') == "wishlist") {

    echo file_get_contents('snippets/headerWishlist.txt');

    if (!empty($_SESSION['priceMonitor'])) {

    ?>

    <form method="post" action="/index.php">

        <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

        <button id="priceMonitor" type="submit" class="btn btn-success rounded" name="submit" value="priceMonitor">Price Monitor Results

        <?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<scan class="badge badge-pill badge-dark">New</scan>'; } ?>

        </button>

    </form>

    <?php

    }

}

else if (getPGV('submit') == "priceMonitor") {

    echo file_get_contents('snippets/headerPriceMonitor.txt');

}

else if (getPGV('submit') == "help") {

    echo file_get_contents('snippets/headerHelp.txt');

}

else if (getPGV('submit') == "unsubscribe") {

    echo file_get_contents('snippets/unsubscribeWishlist.txt');

}

else {

    echo '<p id="textslide" class="d-none d-sm-block">FindCheapMusic.com</p>';

}

?>

        </div>

    </div>

	<div class="container-fluid bg-primary py-3">

        <?php

if (!in_array(getPGV('submit') , array(

    "terms",

    "privacy",

    "coupons",

    "wishlist",

    "priceMonitor",

    "help",

    "unsubscribe"

))) {

    echo $_SESSION["filterWarnings"];

}

?>

        <form <?php if (in_array(getPGV('submit') , array(

    "terms",

    "privacy",

    "coupons",

    "wishlist",

    "priceMonitor",

    "help",

    "unsubscribe"

))) {

    echo "hidden";

} ?> method="post" action="/index.php" class="form-inline"

            onsubmit="if (document.getElementById('searchTerm').value != '') { progressBar('Searching for:<br><br><strong>' + document.getElementById('searchTerm').value.toLowerCase().replace(/(?:(^.{1})|\ [a-z]{1})/g, function(a){return a.toUpperCase();}) + '</strong>');document.getElementById('searchBtn').innerHTML = '&lt;span class=\'spinner-border spinner-border-sm\'&gt;&lt;/span&gt; Searching, please wait...'; }">

            <input id="sessionId" type="hidden" name="sessionId" value="<?php echo session_id(); ?>">

            <input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

        	<div class="form-group">

                <div class="btn-group">

                    <button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal" data-toggle2="tooltip" title="Search Tips"><i class="fas fa-info-circle btn-search"></i></button>

                    <button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#filterModal" data-keyboard="false" data-toggle2="tooltip" title="Search Filter"><i class="fas fa-filter btn-search"></i></button>

                    <div class="btn-group">

                        <button class="btn dropdown-toggle <?php echo ($_SESSION["buyer"]["Zip"] == '' ? "btn-warning" : "input-group-text"); ?> mx-1 rounded" type="button" data-toggle="dropdown" data-toggle2="tooltip" title="<?php echo ($_SESSION["buyer"]["Zip"] == '' ? "Please enter your postal code to get the accurate shipping cost for items listed using a shipping rate table." : "Shipping to"); ?>"><i class="fas fa-shipping-fast btn-search"></i></button>

                        <div class="dropdown-menu">

                            <div class="form-inline">

                                <label class="m-2">Shipping to:</label>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="20" style="width:12em!important" id="buyerCountry" name="buyerCountry" value="United States" readonly>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="3" style="width:3.5em!important" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>

                                <input type="text" class="form-control form-control-sm m-2" maxlength="5" style="width:5.5em!important" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo $_SESSION["buyer"]["Zip"]; ?>">

                            </div>

                        </div>

                    </div>

                </div>

        	</div>

        	<div class="form-group mx-1">

        	    <input id="searchTerm" list="searchHistory" name="searchTerm" type="text" class="form-control flexdatalist searchTerm-width" placeholder="Search by Barcode, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">

        	    <datalist id="searchHistory">

            	    <?php echo getSearchHistory(); ?>

            	</datalist>

            </div>

        	<div class="form-group">

                <button id="searchBtn" type="submit" class="btn btn-success mx-1 rounded" name="submit" value="Search">Go</button>

            </div>

        </form>

    </div>

    <?php

if (getPGV('submit') == "terms") {

    echo file_get_contents('snippets/terms.txt');

}

else if (getPGV('submit') == "privacy") {

    echo file_get_contents('snippets/privacy.txt');

}

else if (getPGV('submit') == "help") {

    echo file_get_contents('snippets/help.txt');

}

else if (getPGV('submit') == "coupons") {

    //get_linkshareCoupons(); // bugbug

    echo getCouponCodes();

}

else if (getPGV('submit') == "wishlist") {

    echo getWishlist();

}

else if (getPGV('submit') == "priceMonitor") {

    echo "<div id=\"productTable\" class=\"container bg-secondary border pt-2\">";

    echo getPriceMonitor(); // bugbug

    echo "</div>";

}

else if (getPGV('submit') == "unsubscribe") {

    echo unsubscribeWishlist($_GET);

}

else if (getPGV('submit') == "random") {

    findDiscogsMaster("***RANDOM***");

    echo $_SESSION["discogs"];

}

else {

    if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {

        echo $_SESSION["discogs"];

        echo "<div id=\"productTable\" class=\"container bg-secondary border pt-2\">";

        echo printResultHeader();

        echo printResult();

        echo "</div>";

    }

    else if (!empty($_SESSION["discogs"])) {

        echo $_SESSION["discogs"];

    }

    else {

?>

    <div class="container-fluid text-center">

    <form method="post" action="/index.php">

        <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

       	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"]; ?>">

        <button id="randomBtn" type="submit" class="btn btn-success mt-5 rounded" name="submit" value="random">Random Album Suggestions</button>

    </form>

    </div>

        <?php

    }

    echo printSearchFilterModal();

    echo printSearchInfoModal();

}

?>

    <div class="modal" id="progressBarDiv">

        <div class="modal-dialog modal-dialog-centered">

            <div class="modal-content">

                <div class="modal-header">

                    <h4 id="progressBarHeader">Searching</h4>

                </div>

                <div class="modal-body">

                    <div class="progress">

                        <div id="progressBar" class="progress-bar" style="width:0%">0%</div>

                    </div>

                </div>

                <div class="modal-footer">

                    <span id="progressBarMessage"></span>

                </div>

            </div>

        </div>

    </div>

    <button onclick="topFunction()" id="topBtn" title="Go to top">Top</button>

    <footer class="container-fluid text-center bg-primary py-5">

        <?php if (!empty($_SESSION["searchTerm"]) || getPGV('submit') == "priceMonitor") {

    echo "<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>";

}

?>

        <form method="post" action="/index.php">

            <input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">

       	    <input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">

           	<input type="hidden" name="buyerZip" value="<?php echo $_SESSION["buyer"]["Zip"]; ?>">

            <ul class="list-inline text-center">

                <li class="list-inline-item">

                    <button class="btn btn-sm btn-light" type="submit" name="submit" value="terms">Terms of Service</button>

                </li>

                <li class="list-inline-item">

                    <button class="btn btn-sm btn-light" type="submit" name="submit" value="privacy">Privacy Policy</button>

                </li>

            </ul>

        </form>

        <p>Copyright &#169; <?php echo @date("Y"); ?> FindCheapMusic.com. All rights reserved.</p>

    </footer>

    <script src="js/dr.min.js" defer integrity="sha384-13nSjiXnf6ZkKHA+iY6+r2+FuE1K798FX9WK/nZ+8qPUIcsn4lRM4zvrbnbb4QHR" crossorigin="anonymous"></script>

    <script>var quotes = [

    <?php

if ($file = fopen("snippets/header.txt", "r")) {

    while (($line = fgets($file)) !== false) {

        echo "\"" . trim($line) . "\",";

    }

    fclose($file);

}

?>

    ]; setInterval(function() { $("#textslide").html(quotes[Math.floor(Math.random() * (quotes.length + 1))]); }, 5 * 1000);</script>

</body>

</html>

<?php MySessionHandler::commit(session_id()); ?>