45 |
- |
1 |
<?php
|
65 |
- |
2 |
include_once ('php/clsLibGTIN.php');
|
|
|
3 |
include_once ('php/constants.php');
|
45 |
- |
4 |
|
|
|
5 |
error_reporting(E_ALL);
|
|
|
6 |
|
65 |
- |
7 |
// add new entry to wishlist
|
52 |
- |
8 |
function addWishlist($uid, $wlArr) {
|
50 |
- |
9 |
$nul = 'NULL';
|
45 |
- |
10 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
11 |
|
|
|
12 |
$created = mysqli_real_escape_string($conn, time());
|
|
|
13 |
$modified = $created;
|
|
|
14 |
|
52 |
- |
15 |
$uid = mysqli_real_escape_string($conn, $uid);
|
|
|
16 |
$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";
|
|
|
17 |
$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";
|
81 |
- |
18 |
$asin = isset($wlArr->{'asin'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'asin'}) . "'" : "NULL";
|
50 |
- |
19 |
$barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");
|
|
|
20 |
$title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";
|
|
|
21 |
$artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";
|
73 |
- |
22 |
$cond = 'Any';
|
45 |
- |
23 |
$format = 'Any';
|
46 |
- |
24 |
$currency = 'USD'; //bugbug
|
45 |
- |
25 |
$price = 'NULL';
|
50 |
- |
26 |
$url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";
|
|
|
27 |
$thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";
|
96 |
- |
28 |
$ip = inet_pton($_SERVER['REMOTE_ADDR']);
|
45 |
- |
29 |
|
|
|
30 |
$sql = "INSERT
|
|
|
31 |
INTO wishlist
|
96 |
- |
32 |
(id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)
|
|
|
33 |
VALUES (NULL, '$created', '$ip', '$modified', '$uid', '$mid', '$rid', " . $asin . ", " . $barcode . ", " . $title . ", " . $artist . ", '$cond', '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";
|
45 |
- |
34 |
|
|
|
35 |
if ($result = mysqli_query($conn, $sql)) {
|
52 |
- |
36 |
return 0;
|
65 |
- |
37 |
}
|
|
|
38 |
else {
|
45 |
- |
39 |
$error = mysqli_errno($conn);
|
|
|
40 |
if ($error == 1062) {
|
52 |
- |
41 |
return 1;
|
65 |
- |
42 |
}
|
|
|
43 |
else {
|
45 |
- |
44 |
error_log("MySQL Read Wishlist SQL: " . $sql);
|
52 |
- |
45 |
error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");
|
|
|
46 |
return -1;
|
45 |
- |
47 |
}
|
|
|
48 |
}
|
|
|
49 |
|
52 |
- |
50 |
return -1;
|
45 |
- |
51 |
}
|
|
|
52 |
|
46 |
- |
53 |
function checkWishlist($type, $id) {
|
45 |
- |
54 |
$conn = MySessionHandler::getDBSessionId();
|
81 |
- |
55 |
if ($type == "master") {
|
|
|
56 |
$colName = "mid";
|
|
|
57 |
} else if ($type == "release") {
|
|
|
58 |
$colName = "rid";
|
|
|
59 |
} else if ($type == "asin") {
|
|
|
60 |
$colName = "asin";
|
|
|
61 |
}
|
45 |
- |
62 |
|
52 |
- |
63 |
$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);
|
45 |
- |
64 |
|
|
|
65 |
$sql = "SELECT id
|
|
|
66 |
FROM wishlist
|
81 |
- |
67 |
WHERE uid = '$uid' and $colName = '$id'";
|
45 |
- |
68 |
|
|
|
69 |
if ($result = mysqli_query($conn, $sql)) {
|
|
|
70 |
if (mysqli_num_rows($result) > 0) {
|
|
|
71 |
return true;
|
|
|
72 |
}
|
|
|
73 |
}
|
65 |
- |
74 |
else if (mysqli_errno($conn)) {
|
|
|
75 |
error_log("MySQL Check Wishlist SQL: " . $sql);
|
|
|
76 |
error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
|
|
|
77 |
return true;
|
|
|
78 |
}
|
45 |
- |
79 |
|
|
|
80 |
return false;
|
46 |
- |
81 |
}
|
|
|
82 |
|
|
|
83 |
function getWishlist() {
|
107 |
- |
84 |
if (!isLoggedIn()) {
|
116 |
- |
85 |
return ('<div class="container bg-warning text-center py-3"><p class="display-6"><i class="material-icons">error_outline</i> Please login to your Find Cheap Music account in order to maintain the wishlist.</p></div>');
|
107 |
- |
86 |
}
|
|
|
87 |
|
46 |
- |
88 |
$str = '';
|
|
|
89 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
90 |
|
|
|
91 |
$uid = $_SESSION['sessData']['userID'];
|
|
|
92 |
|
|
|
93 |
$sql = "SELECT *
|
|
|
94 |
FROM wishlist
|
|
|
95 |
WHERE uid = '$uid'";
|
|
|
96 |
|
|
|
97 |
if ($result = mysqli_query($conn, $sql)) {
|
|
|
98 |
if (mysqli_num_rows($result) > 0) {
|
58 |
- |
99 |
$str .= "<div class=\"container\">";
|
52 |
- |
100 |
$str .= "<div class=\"input-group mt-3\">";
|
|
|
101 |
$str .= "<div class=\"input-group-prepend\">";
|
116 |
- |
102 |
$str .= "<span class=\"input-group-text\"><i class=\"material-icons\">search</i></span>";
|
52 |
- |
103 |
$str .= "</div>";
|
120 |
- |
104 |
$str .= "<input type=\"text\" class=\"form-control\" id=\"tableFilter\" placeholder=\"Search for..\" aria-label=\"Search for entry\" />";
|
52 |
- |
105 |
$str .= "<div class=\"input-group-append\" id=\"tableFilterButton\">";
|
120 |
- |
106 |
$str .= "<button id=\"tableFilterReset\" type=\"button\" class=\"btn rounded\"><i class=\"material-icons\">cancel_presentation</i></button>";
|
52 |
- |
107 |
$str .= "</div>";
|
120 |
- |
108 |
$str .= '<script nonce="' . base64_encode($_SESSION["nonce"]) .'">';
|
|
|
109 |
$str .= 'document.addEventListener("DOMContentLoaded", function() {';
|
|
|
110 |
$str .= ' document.getElementById("tableFilter").addEventListener("keyup", function() {';
|
|
|
111 |
$str .= ' filterWishlist();';
|
|
|
112 |
$str .= ' });';
|
|
|
113 |
$str .= ' document.getElementById("tableFilterReset").addEventListener("click", function() {';
|
|
|
114 |
$str .= ' document.getElementById("tableFilter").value = "";';
|
|
|
115 |
$str .= ' filterWishlist();';
|
|
|
116 |
$str .= ' });';
|
|
|
117 |
$str .= '});';
|
|
|
118 |
$str .= '</script>';
|
52 |
- |
119 |
$str .= "</div>";
|
|
|
120 |
|
61 |
- |
121 |
$str .= "<form method=\"post\" action=\"/index.php\">";
|
116 |
- |
122 |
$str .= "<input type=\"hidden\" name=\"sessionTab\" value=\"" . MySessionHandler::getSessionTab() . "\" />";
|
|
|
123 |
$str .= "<input id=\"discogsTitle\" type=\"hidden\" name=\"discogsTitle\" value=\"\" />";
|
|
|
124 |
$str .= "<input id=\"discogsArtist\" type=\"hidden\" name=\"discogsArtist\" value=\"\" />";
|
|
|
125 |
$str .= "<input id=\"discogsBarcode\" type=\"hidden\" name=\"discogsBarcode\" value=\"\" />";
|
122 |
- |
126 |
$str .= "<input type=\"hidden\" name=\"nonce\" value=\"" . $_SESSION["nonce"] . "\" />";
|
81 |
- |
127 |
$str .= "<div class=\"table\">";
|
124 |
- |
128 |
$str .= "<table id=\"wishlistTable\" class=\"table table-striped table-condensed table-hover small\">";
|
81 |
- |
129 |
$str .= "<thead class=\"thead-dark table-header-sticky\">";
|
124 |
- |
130 |
$str .= "<tr>";
|
|
|
131 |
$str .= "<th class=\"hide-medium\"></th>";
|
|
|
132 |
$str .= "<th id=\"sortColumn1\" class=\"text-left cursor-pointer\"><span class=\"nowrap\">Artist<span class=\"d-block d-md-none\"><br></span><i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
|
|
133 |
$str .= "<th id=\"sortColumn2\" class=\"text-left cursor-pointer\"><span class=\"text-nowrap\">Title<span class=\"d-block d-md-none\"><br></span><i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
120 |
- |
134 |
$str .= "<th id=\"sortColumn3\" class=\"d-none\"></th>";
|
121 |
- |
135 |
$str .= "<th id=\"sortColumn4\" class=\"cursor-pointer hide-medium hide-small\"><span class=\"text-nowrap\">Barcode <i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
|
|
136 |
$str .= "<th id=\"sortColumn5\" class=\"cursor-pointer hide-small\"><span class=\"text-nowrap\">Condition <i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
|
|
137 |
$str .= "<th id=\"sortColumn6\" class=\"cursor-pointer hide-small\"><span class=\"text-nowrap\">Format <i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
65 |
- |
138 |
$str .= "<th class=\"d-none\">Ceiling Price Number</th>";
|
124 |
- |
139 |
$str .= "<th id=\"sortColumn7\" class=\"cursor-pointer\"><span class=\"text-nowrap\">Price<span class=\"d-block d-md-none\"><br></span><i class=\"material-icons material-text material-nrm\">arrow_drop_up</i><i class=\"material-icons material-text material-nlm\">arrow_drop_down</i></span></th>";
|
65 |
- |
140 |
$str .= "<th></th><th class=\"d-none\"></th></tr></thead>";
|
120 |
- |
141 |
$str .= '<script nonce="' . base64_encode($_SESSION["nonce"]) .'">';
|
|
|
142 |
$str .= 'document.addEventListener("DOMContentLoaded", function() {';
|
|
|
143 |
$str .= ' document.getElementById("sortColumn1").addEventListener("click", function() {';
|
|
|
144 |
$str .= ' sortTable("wishlistTable", 1, "text");';
|
|
|
145 |
$str .= ' });';
|
|
|
146 |
$str .= ' document.getElementById("sortColumn2").addEventListener("click", function() {';
|
|
|
147 |
$str .= ' sortTable("wishlistTable", 2, "text");';
|
|
|
148 |
$str .= ' });';
|
|
|
149 |
$str .= ' document.getElementById("sortColumn4").addEventListener("click", function() {';
|
|
|
150 |
$str .= ' sortTable("wishlistTable", 4, "text");';
|
|
|
151 |
$str .= ' });';
|
|
|
152 |
$str .= ' document.getElementById("sortColumn5").addEventListener("click", function() {';
|
|
|
153 |
$str .= ' sortTable("wishlistTable", 5, "text");';
|
|
|
154 |
$str .= ' });';
|
|
|
155 |
$str .= ' document.getElementById("sortColumn6").addEventListener("click", function() {';
|
|
|
156 |
$str .= ' sortTable("wishlistTable", 6, "text");';
|
|
|
157 |
$str .= ' });';
|
|
|
158 |
$str .= ' document.getElementById("sortColumn7").addEventListener("click", function() {';
|
|
|
159 |
$str .= ' sortTable("wishlistTable", 7, "numeric");';
|
|
|
160 |
$str .= ' });';
|
|
|
161 |
$str .= '});';
|
|
|
162 |
$str .= '</script>';
|
65 |
- |
163 |
$str .= "<tbody>";
|
46 |
- |
164 |
|
65 |
- |
165 |
while ($row = mysqli_fetch_assoc($result)) {
|
125 |
- |
166 |
$artist = (empty($row["artist"]) ? "Various" : htmlentities($row["artist"]));
|
|
|
167 |
$altText = "Image for " . htmlentities($row['title']) . " by " . $artist;
|
46 |
- |
168 |
$price = print_monetary($row['price'], $row['currency']);
|
125 |
- |
169 |
$searchTitle = 'Searching for:<br><br><strong>' . htmlentities($row['title']) . " by " . $artist;
|
50 |
- |
170 |
if ($row['barcode'] !== null) {
|
|
|
171 |
$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";
|
|
|
172 |
}
|
52 |
- |
173 |
$searchTitle .= "</strong>";
|
47 |
- |
174 |
|
124 |
- |
175 |
$str .= "<tr class=\"border\">";
|
|
|
176 |
$str .= "<td class=\"hide-medium wl-img\"><img class=\"img-fluid lazyload\" src=\"data:image/png;base64,R0lGODlhAQABAAD/ACwAAAAAAQABAAACADs=\" data-src=\"" . $row["thumbnail"] . "\" alt=\"" . $altText . "\" /></td>";
|
65 |
- |
177 |
$str .= "<td>$artist</td>";
|
125 |
- |
178 |
$str .= "<td>" . htmlentities($row['title']) . "</td>";
|
65 |
- |
179 |
$str .= "<td class=\"d-none\">" . $row['barcode'] . "</td>";
|
121 |
- |
180 |
$str .= "<td class=\"hide-medium hide-small\">" . displayBarcode($row['barcode']) . "</td>";
|
|
|
181 |
$str .= "<td class=\"hide-small\">" . $row['cond'] . "</td>";
|
|
|
182 |
$str .= "<td class=\"hide-small\">" . $row['format'] . "</td>";
|
65 |
- |
183 |
$str .= "<td class=\"d-none\">" . $row['price'] . "</td>";
|
|
|
184 |
$str .= "<td>" . $price . "</td>";
|
124 |
- |
185 |
$str .= "<td><span class=\"text-nowrap\"><button id=\"wlEditBtn" . $row['id'] . "\" class=\"btn btn-sm btn-warning rounded px-1\" type=\"button\" data-toggle=\"tooltip\" title=\"Edit\" aria-label=\"Edit Entry\"><i class=\"material-icons\">edit</i></button>";
|
|
|
186 |
$str .= " ";
|
|
|
187 |
$str .= "<button id=\"wlDeleteBtn" . $row['id'] . "\" class=\"btn btn-sm btn-danger rounded px-1\" type=\"button\" data-toggle=\"tooltip\" title=\"Delete\" aria-label=\"Delete Entry\"><i class=\"material-icons\">cancel_presentation</i></button>";
|
|
|
188 |
$str .= " ";
|
|
|
189 |
$str .= "<a class=\"btn btn-sm btn-info rounded px-1 hide-small\" role=\"button\" data-toggle=\"tooltip\" title=\"Information\" aria-label=\"Information for Entry\" href=\"" . htmlentities($row['url']) . "\" target=\"_blank\" rel=\"noreferrer noopener\"><i class=\"material-icons\">info_outline</i></a>";
|
|
|
190 |
$str .= " ";
|
|
|
191 |
$str .= "<button id=\"wlSearchBtn" . $row['id'] . "\" type=\"submit\" name=\"submit\" value=\"discogsSearch\" class=\"btn btn-sm btn-success rounded px-1\"><i class=\"material-icons\" title=\"Search for Store Offers\" aria-label=\"Search Store Offers for Entry\" data-toggle=\"tooltip\">search</i></button></span></td>";
|
65 |
- |
192 |
$str .= "<td class=\"d-none\" id=\"wlIdRow" . $row['id'] . "\"></td>";
|
52 |
- |
193 |
|
120 |
- |
194 |
$str .= '<script nonce="' . base64_encode($_SESSION["nonce"]) .'">';
|
|
|
195 |
$str .= 'document.addEventListener("DOMContentLoaded", function() {';
|
|
|
196 |
$str .= ' document.getElementById("wlEditBtn' . $row['id'] . '").addEventListener("click", function() {';
|
|
|
197 |
$str .= ' editWishlist("' . $row["id"] . '", document.getElementById("wlEditBtn' . $row['id'] . '"));';
|
|
|
198 |
$str .= ' });';
|
|
|
199 |
$str .= ' document.getElementById("wlDeleteBtn' . $row['id'] . '").addEventListener("click", function() {';
|
125 |
- |
200 |
$str .= ' deleteWishlist("' . $row["id"] . '", document.getElementById("wlDeleteBtn' . $row['id'] . '"),"' . htmlentities($row['title']) . '","' . htmlentities($artist) . '");';
|
120 |
- |
201 |
$str .= ' });';
|
|
|
202 |
$str .= ' document.getElementById("wlSearchBtn' . $row['id'] . '").addEventListener("click", function() {';
|
|
|
203 |
$str .= ' document.getElementById("discogsTitle").value = "' . sanitizeInput2($row["title"]) . '";';
|
|
|
204 |
$str .= ' document.getElementById("discogsArtist").value = "' . sanitizeInput2($row['artist']) . '";';
|
|
|
205 |
$str .= ' document.getElementById("discogsBarcode").value = "' . sanitizeInput2($row['barcode']) . '";';
|
|
|
206 |
$str .= ' progressBar("' . $searchTitle . '");';
|
|
|
207 |
$str .= ' });';
|
|
|
208 |
$str .= '});';
|
|
|
209 |
$str .= '</script>';
|
|
|
210 |
|
65 |
- |
211 |
$str .= "</tr>";
|
46 |
- |
212 |
}
|
52 |
- |
213 |
|
46 |
- |
214 |
$str .= "</tbody>";
|
|
|
215 |
$str .= "</table>";
|
58 |
- |
216 |
$str .= "</div>";
|
61 |
- |
217 |
$str .= "</form>";
|
52 |
- |
218 |
|
65 |
- |
219 |
$str .= '<div class="modal fade" id="editWishlistModal">';
|
|
|
220 |
$str .= ' <div class="modal-dialog">';
|
|
|
221 |
$str .= ' <div class="modal-content">';
|
124 |
- |
222 |
$str .= ' <div class="modal-header bg-secondary">';
|
109 |
- |
223 |
$str .= ' <p class="modal-title display-6">Edit Wishlist Entry</p>';
|
65 |
- |
224 |
$str .= ' </div>';
|
|
|
225 |
$str .= ' <span class="mt-0" id="wlMsg"></span>';
|
116 |
- |
226 |
$str .= ' <input type="hidden" name="sessionTab" value="' . MySessionHandler::getSessionTab() . '" />';
|
|
|
227 |
$str .= ' <input type="hidden" name="wlId" id="wlId" />';
|
65 |
- |
228 |
$str .= ' <div class="modal-body">';
|
|
|
229 |
$str .= ' <div class="form-group">';
|
|
|
230 |
$str .= ' <label for="wlArtist">Artist:</label>';
|
116 |
- |
231 |
$str .= ' <input type="text" class="form-control" id="wlArtist" />';
|
65 |
- |
232 |
$str .= ' </div>';
|
|
|
233 |
$str .= ' <div class="form-group">';
|
|
|
234 |
$str .= ' <label for="wlTitle">Title:</label>';
|
116 |
- |
235 |
$str .= ' <input type="text" class="form-control" id="wlTitle" />';
|
65 |
- |
236 |
$str .= ' </div>';
|
|
|
237 |
$str .= ' <div class="form-group">';
|
|
|
238 |
$str .= ' <label for="wlBarcode">Barcode:</label>';
|
116 |
- |
239 |
$str .= ' <input type="text" class="form-control" id="wlBarcode" />';
|
65 |
- |
240 |
$str .= ' </div>';
|
|
|
241 |
$str .= ' <div class="form-group">';
|
73 |
- |
242 |
$str .= ' <label for="wlCond">Condition:</label>';
|
|
|
243 |
$str .= ' <select class="form-control" id="wlCond">';
|
|
|
244 |
$str .= ' <option>Any</option>';
|
|
|
245 |
$str .= ' <option>New</option>';
|
|
|
246 |
$str .= ' <option>Used</option>';
|
|
|
247 |
$str .= ' </select>';
|
|
|
248 |
$str .= ' </div>';
|
|
|
249 |
$str .= ' <div class="form-group">';
|
65 |
- |
250 |
$str .= ' <label for="wlFormat">Format:</label>';
|
|
|
251 |
$str .= ' <select class="form-control" id="wlFormat">';
|
|
|
252 |
$str .= ' <option>Any</option>';
|
|
|
253 |
$str .= ' <option>CD</option>';
|
|
|
254 |
$str .= ' <option>Record</option>';
|
|
|
255 |
$str .= ' <option>Digital</option>';
|
|
|
256 |
$str .= ' <option>Book</option>';
|
|
|
257 |
$str .= ' </select>';
|
|
|
258 |
$str .= ' </div>';
|
|
|
259 |
$str .= ' <div class="form-group">';
|
|
|
260 |
$str .= ' <label for="wlPrice">Ceiling Price:</label>';
|
116 |
- |
261 |
$str .= ' <input type="text" class="form-control" id="wlPrice" />';
|
65 |
- |
262 |
$str .= ' </div>';
|
|
|
263 |
$str .= ' </div>';
|
124 |
- |
264 |
$str .= ' <div class="modal-footer bg-secondary">';
|
120 |
- |
265 |
$str .= ' <button id="saveEditedWl" type="button" class="btn btn-success" name="submit" value="Save">Save</button>';
|
|
|
266 |
$str .= '<script nonce="' . base64_encode($_SESSION["nonce"]) .'">';
|
|
|
267 |
$str .= 'document.addEventListener("DOMContentLoaded", function() {';
|
|
|
268 |
$str .= ' document.getElementById("saveEditedWl").addEventListener("click", function() {';
|
|
|
269 |
$str .= ' saveEditedWishlist();';
|
|
|
270 |
$str .= ' });';
|
|
|
271 |
$str .= '});';
|
|
|
272 |
$str .= '</script>';
|
65 |
- |
273 |
$str .= ' <button type="button" class="btn btn-danger" data-dismiss="modal">Cancel</button>';
|
|
|
274 |
$str .= ' </div>';
|
|
|
275 |
$str .= ' </div>';
|
|
|
276 |
$str .= ' </div>';
|
|
|
277 |
$str .= '</div>';
|
|
|
278 |
$str .= '</div>';
|
|
|
279 |
}
|
|
|
280 |
else {
|
116 |
- |
281 |
$str .= "<div class=\"container bg-warning text-center py-3\"><p class=\"display-6\"><i class=\"material-icons\">bookmark</i> Your wishlist is currently empty. Add matching albums from the search results.</p></div>";
|
46 |
- |
282 |
}
|
|
|
283 |
}
|
65 |
- |
284 |
else if (mysqli_errno($conn)) {
|
|
|
285 |
error_log("MySQL Read Wishlist SQL: " . $sql);
|
|
|
286 |
error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
|
|
|
287 |
}
|
46 |
- |
288 |
|
|
|
289 |
return $str;
|
52 |
- |
290 |
}
|
|
|
291 |
|
|
|
292 |
function deleteWishlist($uid, $id) {
|
|
|
293 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
294 |
|
|
|
295 |
$id = mysqli_real_escape_string($conn, $id);
|
|
|
296 |
$uid = mysqli_real_escape_string($conn, $uid);
|
|
|
297 |
|
|
|
298 |
$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";
|
|
|
299 |
|
|
|
300 |
if (!($result = mysqli_query($conn, $sql))) {
|
65 |
- |
301 |
error_log("MySQL Delete Wishlist SQL: " . $sql);
|
|
|
302 |
error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
|
|
|
303 |
return -1;
|
52 |
- |
304 |
}
|
|
|
305 |
|
|
|
306 |
return 0;
|
|
|
307 |
}
|
|
|
308 |
|
|
|
309 |
function updateWishlist($uid, $wlArr) {
|
|
|
310 |
$nul = 'NULL';
|
|
|
311 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
312 |
|
|
|
313 |
$modified = mysqli_real_escape_string($conn, time());
|
|
|
314 |
|
|
|
315 |
$id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");
|
|
|
316 |
$uid = mysqli_real_escape_string($conn, $uid);
|
|
|
317 |
$barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");
|
|
|
318 |
$title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";
|
|
|
319 |
$artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";
|
73 |
- |
320 |
$cond = isset($wlArr['cond']) ? mysqli_real_escape_string($conn, $wlArr['cond']) : "Any";
|
52 |
- |
321 |
$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";
|
|
|
322 |
$currency = 'USD'; //bugbug
|
|
|
323 |
$price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";
|
|
|
324 |
|
|
|
325 |
$sql = "UPDATE wishlist
|
73 |
- |
326 |
SET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", cond='$cond', format='$format', price=" . $price . "
|
52 |
- |
327 |
WHERE id=$id and uid=$uid";
|
|
|
328 |
|
|
|
329 |
if ($result = mysqli_query($conn, $sql)) {
|
|
|
330 |
return 0;
|
65 |
- |
331 |
}
|
|
|
332 |
else {
|
52 |
- |
333 |
error_log("MySQL Update Wishlist SQL: " . $sql);
|
|
|
334 |
error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");
|
|
|
335 |
return -1;
|
|
|
336 |
}
|
|
|
337 |
|
|
|
338 |
return -1;
|
|
|
339 |
}
|
73 |
- |
340 |
|
|
|
341 |
function unsubscribeWishlist($arr) {
|
116 |
- |
342 |
if (empty($arr['id']) || empty($arr['email'])) {
|
|
|
343 |
return "";
|
|
|
344 |
}
|
73 |
- |
345 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
346 |
|
|
|
347 |
$modified = mysqli_real_escape_string($conn, time());
|
|
|
348 |
|
|
|
349 |
$id = mysqli_real_escape_string($conn, $arr['id']);
|
|
|
350 |
$email = mysqli_real_escape_string($conn, $arr['email']);
|
|
|
351 |
|
|
|
352 |
$sql = "UPDATE users
|
|
|
353 |
SET wlEmailFlag = '0'
|
|
|
354 |
WHERE id=$id and email='$email'";
|
|
|
355 |
|
|
|
356 |
if (!($result = mysqli_query($conn, $sql))) {
|
|
|
357 |
error_log("MySQL Update Wishlist SQL: " . $sql);
|
|
|
358 |
error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");
|
|
|
359 |
}
|
|
|
360 |
|
|
|
361 |
$str = "<div class=\"container text-center bg-warning p-3 rounded\">";
|
|
|
362 |
$str .= "<p class=\"display-6 font-weight-bold\">The wishlist price check emails for " . $email . " have been turned off</p>";
|
|
|
363 |
$str .= "<p>You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.</p>";
|
|
|
364 |
$str .= "</div>";
|
|
|
365 |
|
|
|
366 |
return $str;
|
|
|
367 |
}
|
78 |
- |
368 |
|
|
|
369 |
function checkPriceMonitor() {
|
|
|
370 |
if (empty($_SESSION['sessData']['userID'])) {
|
|
|
371 |
unset($_SESSION['priceMonitor']);
|
|
|
372 |
return -1;
|
|
|
373 |
}
|
|
|
374 |
|
|
|
375 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
376 |
|
|
|
377 |
$uid = $_SESSION['sessData']['userID'];
|
|
|
378 |
|
|
|
379 |
$sql = "SELECT created, access
|
|
|
380 |
FROM pricemonitor
|
|
|
381 |
WHERE userId = '$uid'";
|
|
|
382 |
|
|
|
383 |
if ($result = mysqli_query($conn, $sql)) {
|
|
|
384 |
if (mysqli_num_rows($result) > 0) {
|
|
|
385 |
if ($row = mysqli_fetch_assoc($result)) {
|
|
|
386 |
$_SESSION['priceMonitor']['created'] = $row['created'];
|
|
|
387 |
$_SESSION['priceMonitor']['access'] = $row['access'];
|
110 |
- |
388 |
if ($_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access']) {
|
79 |
- |
389 |
$_SESSION['priceMonitor']['newFlag'] = true;
|
|
|
390 |
} else {
|
|
|
391 |
$_SESSION['priceMonitor']['newFlag'] = false;
|
|
|
392 |
}
|
78 |
- |
393 |
|
|
|
394 |
return 0;
|
|
|
395 |
}
|
|
|
396 |
}
|
|
|
397 |
}
|
|
|
398 |
else if (mysqli_errno($conn)) {
|
|
|
399 |
error_log("MySQL Read Price Monitor SQL: " . $sql);
|
|
|
400 |
error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
|
|
|
401 |
}
|
|
|
402 |
|
|
|
403 |
return -1;
|
|
|
404 |
}
|
|
|
405 |
|
|
|
406 |
|
|
|
407 |
function getPriceMonitor() {
|
107 |
- |
408 |
if (!isLoggedIn()) {
|
116 |
- |
409 |
return ('<div class="container bg-warning text-center py-3"><p class="display-6"><i class="material-icons">error_outline</i> Please login to your Find Cheap Music account in order to see the price monitor results.</p></div>');
|
107 |
- |
410 |
}
|
|
|
411 |
|
78 |
- |
412 |
$conn = MySessionHandler::getDBSessionId();
|
|
|
413 |
|
|
|
414 |
$uid = $_SESSION['sessData']['userID'];
|
|
|
415 |
|
|
|
416 |
$sql = "SELECT data
|
|
|
417 |
FROM pricemonitor
|
|
|
418 |
WHERE userId = '$uid'";
|
|
|
419 |
|
|
|
420 |
if ($result = mysqli_query($conn, $sql)) {
|
|
|
421 |
if (mysqli_num_rows($result) > 0) {
|
|
|
422 |
if ($row = mysqli_fetch_assoc($result)) {
|
|
|
423 |
$access = mysqli_real_escape_string($conn, time());
|
|
|
424 |
$sql = "UPDATE pricemonitor
|
|
|
425 |
SET access = $access
|
|
|
426 |
WHERE userId = '$uid'";
|
|
|
427 |
if (!($result = mysqli_query($conn, $sql))) {
|
|
|
428 |
error_log("MySQL Update Price Monitor SQL: " . $sql);
|
|
|
429 |
error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . $error . ")");
|
|
|
430 |
}
|
|
|
431 |
|
121 |
- |
432 |
$html = gzdecode(base64_decode($row['data']));
|
|
|
433 |
$html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);
|
|
|
434 |
return ($html);
|
78 |
- |
435 |
}
|
|
|
436 |
}
|
|
|
437 |
}
|
|
|
438 |
else if (mysqli_errno($conn)) {
|
|
|
439 |
error_log("MySQL Read Price Monitor SQL: " . $sql);
|
|
|
440 |
error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
|
|
|
441 |
}
|
|
|
442 |
|
116 |
- |
443 |
return ('<div class="container bg-warning text-center py-3"><p class="display-6"><i class="material-icons">bookmark</i> Your price monitor list is currently empty.</p></div>');
|
78 |
- |
444 |
}
|