WebSVN – cheapmusic – Blame – /www/php/wishlist.php

Rev	Author	Line No.	Line
45	-	1	`<?php`
65	-	2	`include_once ('php/clsLibGTIN.php');`
		3	`include_once ('php/constants.php');`
45	-	4
		5	`error_reporting(E_ALL);`
		6
65	-	7	`// add new entry to wishlist`
52	-	8	`function addWishlist($uid, $wlArr) {`
50	-	9	`$nul = 'NULL';`
45	-	10	`$conn = MySessionHandler::getDBSessionId();`
		11
		12	`$created = mysqli_real_escape_string($conn, time());`
		13	`$modified = $created;`
		14
52	-	15	`$uid = mysqli_real_escape_string($conn, $uid);`
		16	`$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";`
		17	`$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";`
81	-	18	`$asin = isset($wlArr->{'asin'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'asin'}) . "'" : "NULL";`
50	-	19	`$barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");`
		20	`$title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";`
		21	`$artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";`
73	-	22	`$cond = 'Any';`
45	-	23	`$format = 'Any';`
46	-	24	`$currency = 'USD'; //bugbug`
45	-	25	`$price = 'NULL';`
50	-	26	`$url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";`
		27	`$thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";`
96	-	28	`$ip = inet_pton($_SERVER['REMOTE_ADDR']);`
45	-	29
		30	`$sql = "INSERT`
		31	`INTO wishlist`
96	-	32	`(id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)`
		33	`VALUES (NULL, '$created', '$ip', '$modified', '$uid', '$mid', '$rid', " . $asin . ", " . $barcode . ", " . $title . ", " . $artist . ", '$cond', '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";`
45	-	34
		35	`if ($result = mysqli_query($conn, $sql)) {`
52	-	36	`return 0;`
65	-	37	`}`
		38	`else {`
45	-	39	`$error = mysqli_errno($conn);`
		40	`if ($error == 1062) {`
52	-	41	`return 1;`
65	-	42	`}`
		43	`else {`
45	-	44	`error_log("MySQL Read Wishlist SQL: " . $sql);`
52	-	45	`error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		46	`return -1;`
45	-	47	`}`
		48	`}`
		49
52	-	50	`return -1;`
45	-	51	`}`
		52
46	-	53	`function checkWishlist($type, $id) {`
45	-	54	`$conn = MySessionHandler::getDBSessionId();`
81	-	55	`if ($type == "master") {`
		56	`$colName = "mid";`
		57	`} else if ($type == "release") {`
		58	`$colName = "rid";`
		59	`} else if ($type == "asin") {`
		60	`$colName = "asin";`
		61	`}`
45	-	62
52	-	63	`$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);`
45	-	64
		65	`$sql = "SELECT id`
		66	`FROM wishlist`
81	-	67	`WHERE uid = '$uid' and $colName = '$id'";`
45	-	68
		69	`if ($result = mysqli_query($conn, $sql)) {`
		70	`if (mysqli_num_rows($result) > 0) {`
		71	`return true;`
		72	`}`
		73	`}`
65	-	74	`else if (mysqli_errno($conn)) {`
		75	`error_log("MySQL Check Wishlist SQL: " . $sql);`
		76	`error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		77	`return true;`
		78	`}`
45	-	79
		80	`return false;`
46	-	81	`}`
		82
		83	`function getWishlist() {`
127	-	84	`$xh = new Html;`
		85	`$xh->init($_SESSION["htmlIndent"]);`
		86
107	-	87	`if (!isLoggedIn()) {`
127	-	88	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		89	`$xh->tag('div');`
		90	`$xh->add_attribute("class", "display-6");`
		91	`$xh->tag('p');`
		92	`$xh->add_attribute("class", "material-icons");`
		93	`$xh->tag('i', "error_outline");`
		94	`$xh->tag('span', " Please login to your Find Cheap Music account in order to maintain the wishlist.");`
		95	`$xh->close(); // p`
		96	`$xh->close(); // div`
		97
		98	`$html = $xh->flush();`
		99	`//error_log(print_r($html, 1));`
		100
		101	`return $html;`
107	-	102	`}`
		103
46	-	104	`$conn = MySessionHandler::getDBSessionId();`
		105
		106	`$uid = $_SESSION['sessData']['userID'];`
		107
		108	`$sql = "SELECT *`
		109	`FROM wishlist`
		110	`WHERE uid = '$uid'";`
		111
		112	`if ($result = mysqli_query($conn, $sql)) {`
		113	`if (mysqli_num_rows($result) > 0) {`
127	-	114	`$xh->add_attribute("class", "container");`
		115	`$xh->tag('div');`
		116	`$xh->add_attribute("class", "input-group mt-3");`
		117	`$xh->tag('div');`
		118	`$xh->add_attribute("class", "input-group-prepend");`
		119	`$xh->tag('div');`
		120	`$xh->add_attribute("class", "input-group-text");`
		121	`$xh->tag('span');`
		122	`$xh->add_attribute("class", "material-icons");`
		123	`$xh->tag('i', "search");`
		124	`$xh->close(); // span`
		125	`$xh->close(); // div`
		126	`$xh->add_attribute("type", "text");`
		127	`$xh->add_attribute("class", "form-control");`
		128	`$xh->add_attribute("id", "tableFilter");`
		129	`$xh->add_attribute("placeholder", "Search for..");`
		130	`$xh->add_attribute("aria-label", "Search for entry");`
		131	`$xh->single_tag('input');`
		132	`$xh->add_attribute("id", "tableFilterButton");`
		133	`$xh->add_attribute("class", "input-group-append");`
		134	`$xh->tag('div');`
		135	`$xh->add_attribute("id", "tableFilterReset");`
		136	`$xh->add_attribute("type", "button");`
		137	`$xh->add_attribute("class", "btn rounded");`
		138	`$xh->tag('button');`
		139	`$xh->add_attribute("class", "material-icons");`
		140	`$xh->tag('i', "cancel_presentation");`
		141	`$xh->close(); // button`
		142	`$xh->close(); // div`
		143	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		144	`$xh->tag('script');`
		145	`$str = trim('document.addEventListener("DOMContentLoaded", function() {');`
		146	`$str .= trim(' document.getElementById("tableFilter").addEventListener("keyup", function() {');`
		147	`$str .= trim(' filterWishlist();');`
		148	`$str .= trim(' });');`
		149	`$str .= trim(' document.getElementById("tableFilterReset").addEventListener("click", function() {');`
		150	`$str .= trim(' document.getElementById("tableFilter").value = "";');`
		151	`$str .= trim(' filterWishlist();');`
		152	`$str .= trim(' });');`
		153	`$str .= trim('});');`
		154	`$xh->insert_code($str);`
		155	`$xh->close(); // script`
		156	`$xh->close(); // div`
52	-	157
127	-	158	`$xh->add_attribute("method", "post");`
		159	`$xh->add_attribute("action", "/index.php");`
		160	`$xh->tag('form');`
		161	`$xh->insert_code(inputSessionTab());`
		162	`$xh->add_attribute("id", "discogsTitle");`
		163	`$xh->add_attribute("type", "hidden");`
		164	`$xh->add_attribute("name", "discogsTitle");`
		165	`$xh->add_attribute("value", "");`
		166	`$xh->single_tag('input');`
		167	`$xh->add_attribute("id", "discogsArtist");`
		168	`$xh->add_attribute("type", "hidden");`
		169	`$xh->add_attribute("name", "discogsArtist");`
		170	`$xh->add_attribute("value", "");`
		171	`$xh->single_tag('input');`
		172	`$xh->add_attribute("id", "discogsBarcode");`
		173	`$xh->add_attribute("type", "hidden");`
		174	`$xh->add_attribute("name", "discogsBarcode");`
		175	`$xh->add_attribute("value", "");`
		176	`$xh->single_tag('input');`
		177	`$xh->insert_code(inputNonce());`
		178	`$xh->add_attribute("class", "table");`
		179	`$xh->tag('div');`
		180	`$xh->add_attribute("id", "wishlistTable");`
		181	`$xh->add_attribute("class", "table table-striped table-condensed table-hover small");`
		182	`$xh->tag('table');`
		183	`$xh->add_attribute("class", "head-dark table-header-sticky");`
		184	`$xh->tag('thead');`
		185	`$xh->tag('tr');`
		186	`$xh->add_attribute("class", "hide-medium");`
		187	`$xh->tag('th', "");`
		188	`$xh->add_attribute("id", "sortColumn1");`
		189	`$xh->add_attribute("class", "text-left cursor-pointer");`
		190	`$xh->tag('th');`
		191	`$xh->add_attribute("class", "nowrap");`
		192	`$xh->tag('span');`
		193	`$xh->tag('span', "Artist");`
		194	`$xh->add_attribute("class", "d-block d-md-none");`
		195	`$xh->tag('span', "<br>");`
		196	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		197	`$xh->tag('i', "arrow_drop_up");`
		198	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		199	`$xh->tag('i', "arrow_drop_down");`
		200	`$xh->close(); // span`
		201	`$xh->close(); // th`
46	-	202
127	-	203	`$xh->add_attribute("id", "sortColumn2");`
		204	`$xh->add_attribute("class", "text-left cursor-pointer");`
		205	`$xh->tag('th');`
		206	`$xh->add_attribute("class", "nowrap");`
		207	`$xh->tag('span');`
		208	`$xh->tag('span', "Title");`
		209	`$xh->add_attribute("class", "d-block d-md-none");`
		210	`$xh->tag('span', "<br>");`
		211	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		212	`$xh->tag('i', "arrow_drop_up");`
		213	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		214	`$xh->tag('i', "arrow_drop_down");`
		215	`$xh->close(); // span`
		216	`$xh->close(); // th`
		217
		218	`$xh->add_attribute("id", "sortColumn3");`
		219	`$xh->add_attribute("class", "d-none");`
		220	`$xh->tag('th', "");`
		221
		222	`$xh->add_attribute("id", "sortColumn4");`
		223	`$xh->add_attribute("class", "cursor-pointer hide-medium hide-small");`
		224	`$xh->tag('th');`
		225	`$xh->add_attribute("class", "nowrap");`
		226	`$xh->tag('span');`
		227	`$xh->tag('span', "Barcode");`
		228	`$xh->add_attribute("class", "d-block d-md-none");`
		229	`$xh->tag('span', "<br>");`
		230	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		231	`$xh->tag('i', "arrow_drop_up");`
		232	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		233	`$xh->tag('i', "arrow_drop_down");`
		234	`$xh->close(); // span`
		235	`$xh->close(); // th`
		236
		237	`$xh->add_attribute("id", "sortColumn5");`
		238	`$xh->add_attribute("class", "cursor-pointer hide-small");`
		239	`$xh->tag('th');`
		240	`$xh->add_attribute("class", "nowrap");`
		241	`$xh->tag('span');`
		242	`$xh->tag('span', "Condition");`
		243	`$xh->add_attribute("class", "d-block d-md-none");`
		244	`$xh->tag('span', "<br>");`
		245	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		246	`$xh->tag('i', "arrow_drop_up");`
		247	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		248	`$xh->tag('i', "arrow_drop_down");`
		249	`$xh->close(); // span`
		250	`$xh->close(); // th`
		251
		252	`$xh->add_attribute("id", "sortColumn6");`
		253	`$xh->add_attribute("class", "cursor-pointer hide-small");`
		254	`$xh->tag('th');`
		255	`$xh->add_attribute("class", "nowrap");`
		256	`$xh->tag('span');`
		257	`$xh->tag('span', "Format");`
		258	`$xh->add_attribute("class", "d-block d-md-none");`
		259	`$xh->tag('span', "<br>");`
		260	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		261	`$xh->tag('i', "arrow_drop_up");`
		262	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		263	`$xh->tag('i', "arrow_drop_down");`
		264	`$xh->close(); // span`
		265	`$xh->close(); // th`
		266
		267	`$xh->add_attribute("class", "d-none");`
		268	`$xh->tag('th', "Ceiling Price Plain Number");`
		269
		270	`$xh->add_attribute("id", "sortColumn7");`
		271	`$xh->add_attribute("class", "cursor-pointer");`
		272	`$xh->tag('th');`
		273	`$xh->add_attribute("class", "nowrap");`
		274	`$xh->tag('span');`
		275	`$xh->tag('span', "Price");`
		276	`$xh->add_attribute("class", "d-block d-md-none");`
		277	`$xh->tag('span', "<br>");`
		278	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nrm");`
		279	`$xh->tag('i', "arrow_drop_up");`
		280	`$xh->add_attribute("class", "material-icons hide-material-icons material-text material-nlm");`
		281	`$xh->tag('i', "arrow_drop_down");`
		282	`$xh->close(); // span`
		283	`$xh->close(); // th`
		284
		285	`$xh->tag('th', "");`
		286	`$xh->add_attribute("class", "d-none");`
		287	`$xh->tag('th', "");`
		288	`$xh->close(); // tr`
		289	`$xh->close(); // thead`
		290
		291	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		292	`$xh->tag('script');`
		293	`$str = trim('document.addEventListener("DOMContentLoaded", function() {');`
		294	`$str .= trim(' document.getElementById("sortColumn1").addEventListener("click", function() {');`
		295	`$str .= trim(' sortTable("wishlistTable", 1, "text");');`
		296	`$str .= trim(' });');`
		297	`$str .= trim(' document.getElementById("sortColumn2").addEventListener("click", function() {');`
		298	`$str .= trim(' sortTable("wishlistTable", 2, "text");');`
		299	`$str .= trim(' });');`
		300	`$str .= trim(' document.getElementById("sortColumn4").addEventListener("click", function() {');`
		301	`$str .= trim(' sortTable("wishlistTable", 4, "text");');`
		302	`$str .= trim(' });');`
		303	`$str .= trim(' document.getElementById("sortColumn5").addEventListener("click", function() {');`
		304	`$str .= trim(' sortTable("wishlistTable", 5, "text");');`
		305	`$str .= trim(' });');`
		306	`$str .= trim(' document.getElementById("sortColumn6").addEventListener("click", function() {');`
		307	`$str .= trim(' sortTable("wishlistTable", 6, "text");');`
		308	`$str .= trim(' });');`
		309	`$str .= trim(' document.getElementById("sortColumn7").addEventListener("click", function() {');`
		310	`$str .= trim(' sortTable("wishlistTable", 7, "numeric");');`
		311	`$str .= trim(' });');`
		312	`$str .= trim('});');`
		313	`$xh->insert_code($str);`
		314	`$xh->close(); // script`
		315	`$xh->tag('tbody');`
		316
65	-	317	`while ($row = mysqli_fetch_assoc($result)) {`
125	-	318	`$artist = (empty($row["artist"]) ? "Various" : htmlentities($row["artist"]));`
		319	`$altText = "Image for " . htmlentities($row['title']) . " by " . $artist;`
46	-	320	`$price = print_monetary($row['price'], $row['currency']);`
125	-	321	`$searchTitle = 'Searching for:<br><br><strong>' . htmlentities($row['title']) . " by " . $artist;`
50	-	322	`if ($row['barcode'] !== null) {`
		323	`$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";`
		324	`}`
52	-	325	`$searchTitle .= "</strong>";`
47	-	326
127	-	327	`$xh->add_attribute("class", "border");`
		328	`$xh->tag('tr');`
		329	`$xh->add_attribute("class", "hide-medium wl-img");`
		330	`$xh->tag('td');`
		331	`$xh->add_attribute("class", "img-fluid lazyload");`
		332	`$xh->add_attribute("src",PIXEL);`
		333	`$xh->add_attribute("data-src", $row["thumbnail"]);`
		334	`$xh->add_attribute("alt", $altText);`
		335	`$xh->single_tag('img');`
		336	`$xh->close(); // td`
52	-	337
127	-	338	`$xh->tag('td', $artist);`
		339	`$xh->tag('td', htmlentities($row['title']));`
		340	`$xh->add_attribute("class", "d-none");`
		341	`$xh->tag('td', htmlentities($row['barcode']));`
		342	`$xh->add_attribute("class", "hide-medium hide-small");`
		343	`$xh->tag('td', displayBarcode($row['barcode']));`
		344	`$xh->add_attribute("class", "hide-small");`
		345	`$xh->tag('td', $row['cond']);`
		346	`$xh->add_attribute("class", "hide-small");`
		347	`$xh->tag('td', $row['format']);`
		348	`$xh->add_attribute("class", "d-none");`
		349	`$xh->tag('td', $row['price']);`
		350	`$xh->tag('td', $price);`
		351	`$xh->add_attribute("class", "text-nowrap");`
		352	`$xh->tag('td');`
		353	`$xh->add_attribute("id", "wlEditBtn" . $row['id']);`
		354	`$xh->add_attribute("class", "btn btn-sm btn-warning rounded px-1");`
		355	`$xh->add_attribute("type", "button");`
		356	`$xh->add_attribute("data-toggle", "tooltip");`
		357	`$xh->add_attribute("title", "Edit");`
		358	`$xh->add_attribute("aria-label", "Edit Entry");`
		359	`$xh->tag('button');`
		360	`$xh->add_attribute("class", "material-icons");`
		361	`$xh->tag('i', "edit");`
		362	`$xh->close(); // button`
		363	`$xh->tag('span' , " ");`
		364	`$xh->add_attribute("id", "wlDeleteBtn" . $row['id']);`
		365	`$xh->add_attribute("class", "btn btn-sm btn-danger rounded px-1");`
		366	`$xh->add_attribute("type", "button");`
		367	`$xh->add_attribute("data-toggle", "tooltip");`
		368	`$xh->add_attribute("title", "Delete");`
		369	`$xh->add_attribute("aria-label", "Delete Entry");`
		370	`$xh->tag('button');`
		371	`$xh->add_attribute("class", "material-icons");`
		372	`$xh->tag('i', "cancel_presentation");`
		373	`$xh->close(); // button`
		374	`$xh->tag('span' , " ");`
		375	`$xh->add_attribute("class", "btn btn-sm btn-info rounded px-1 hide-small");`
		376	`$xh->add_attribute("role", "button");`
		377	`$xh->add_attribute("data-toggle", "tooltip");`
		378	`$xh->add_attribute("title", "Information");`
		379	`$xh->add_attribute("aria-label", "Information for Entry");`
		380	`$xh->add_attribute("href", htmlentities($row['url']));`
		381	`$xh->add_attribute("target", "_blank", "rel", "noreferrer noopener");`
		382	`$xh->tag('a');`
		383	`$xh->add_attribute("class", "material-icons");`
		384	`$xh->tag('i', "info_outline");`
		385	`$xh->close(); // a`
		386	`$xh->tag('span' , " ");`
		387	`$xh->add_attribute("id", "wlSearchBtn" . $row['id']);`
		388	`$xh->add_attribute("type", "submit");`
		389	`$xh->add_attribute("name", "submit");`
		390	`$xh->add_attribute("value", "discogsSearch");`
		391	`$xh->add_attribute("class", "btn btn-sm btn-success rounded px-1");`
		392	`$xh->tag('button');`
		393	`$xh->add_attribute("class", "material-icons");`
		394	`$xh->add_attribute("title", "Search for Store Offers");`
		395	`$xh->add_attribute("aria-label", "Search Store Offers for Entry");`
		396	`$xh->add_attribute("data-toggle", "tooltip");`
		397	`$xh->tag('i', "search");`
		398	`$xh->close(); // button`
		399	`$xh->close(); // td`
		400	`$xh->add_attribute("id", "wlIdRow" . $row['id']);`
		401	`$xh->add_attribute("class", "d-none");`
		402	`$xh->tag('td', "");`
120	-	403
127	-	404	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		405	`$xh->tag('script');`
		406	`$str = trim('document.addEventListener("DOMContentLoaded", function() {');`
		407	`$str .= trim(' document.getElementById("wlEditBtn' . $row['id'] . '").addEventListener("click", function() {');`
		408	`$str .= trim(' editWishlist("' . $row["id"] . '", document.getElementById("wlEditBtn' . $row['id'] . '"));');`
		409	`$str .= trim(' });');`
		410	`$str .= trim(' document.getElementById("wlDeleteBtn' . $row['id'] . '").addEventListener("click", function() {');`
		411	`$str .= trim(' deleteWishlist("' . $row["id"] . '", document.getElementById("wlDeleteBtn' . $row['id'] . '"),"' . htmlentities($row['title']) . '", "' . htmlentities($artist) . '");');`
		412	`$str .= trim(' });');`
		413	`$str .= trim(' document.getElementById("wlSearchBtn' . $row['id'] . '").addEventListener("click", function() {');`
		414	`$str .= trim(' document.getElementById("discogsTitle").value = "' . sanitizeInput2($row["title"]) . '";');`
		415	`$str .= trim(' document.getElementById("discogsArtist").value = "' . sanitizeInput2($row['artist']) . '";');`
		416	`$str .= trim(' document.getElementById("discogsBarcode").value = "' . sanitizeInput2($row['barcode']) . '";');`
		417	`$str .= trim(' progressBar("' . $searchTitle . '");');`
		418	`$str .= trim(' });');`
		419	`$str .= trim('});');`
		420	`$xh->insert_code($str);`
		421	`$xh->close(); // script`
		422
		423	`$xh->close(); // tr`
46	-	424	`}`
52	-	425
127	-	426	`$xh->close(); // tbody`
		427	`$xh->close(); // table`
		428	`$xh->close(); // div`
		429	`$xh->close(); // form`
		430
		431	`$xh->add_attribute("class", "modal fade");`
		432	`$xh->add_attribute("id", "editWishlistModal");`
		433	`$xh->tag('div');`
		434	`$xh->add_attribute("class", "modal-dialog");`
		435	`$xh->tag('div');`
		436	`$xh->add_attribute("class", "modal-content");`
		437	`$xh->tag('div');`
		438	`$xh->add_attribute("class", "modal-header bg-secondary");`
		439	`$xh->tag('div');`
		440	`$xh->add_attribute("class", "modal-title display-6");`
		441	`$xh->tag('p', "Edit Wishlist Entry");`
		442	`$xh->close(); // div>`
		443	`$xh->add_attribute("class", "mt-0");`
		444	`$xh->add_attribute("id", "wlMsg");`
		445	`$xh->tag('span', "");`
		446	`$xh->insert_code(inputSessionTab());`
		447	`$xh->add_attribute("type", "hidden");`
		448	`$xh->add_attribute("name", "wlId");`
		449	`$xh->add_attribute("id", "wlId");`
		450	`$xh->single_tag('input');`
		451	`$xh->add_attribute("class", "modal-body");`
		452	`$xh->tag('div');`
		453	`$xh->add_attribute("class", "form-group");`
		454	`$xh->tag('div');`
		455	`$xh->add_attribute("for", "wlArtist");`
		456	`$xh->tag('label', "Artist:");`
		457	`$xh->add_attribute("type", "text");`
		458	`$xh->add_attribute("class", "form-control");`
		459	`$xh->add_attribute("id", "wlArtist");`
		460	`$xh->single_tag('input');`
		461	`$xh->close(); // div`
		462	`$xh->add_attribute("class", "form-group");`
		463	`$xh->tag('div');`
		464	`$xh->add_attribute("for", "wlTitle");`
		465	`$xh->tag('label', "Title:");`
		466	`$xh->add_attribute("type", "text");`
		467	`$xh->add_attribute("class", "form-control");`
		468	`$xh->add_attribute("id", "wlTitle");`
		469	`$xh->single_tag('input');`
		470	`$xh->close(); // div`
		471	`$xh->add_attribute("class", "form-group");`
		472	`$xh->tag('div');`
		473	`$xh->add_attribute("for", "wlBarcode");`
		474	`$xh->tag('label', "Barcode:");`
		475	`$xh->add_attribute("type", "text");`
		476	`$xh->add_attribute("class", "form-control");`
		477	`$xh->add_attribute("id", "wlBarcode");`
		478	`$xh->single_tag('input');`
		479	`$xh->close(); // div`
		480	`$xh->add_attribute("class", "form-group");`
		481	`$xh->tag('div');`
		482	`$xh->add_attribute("for", "wlCond");`
		483	`$xh->tag('label', "Condition:");`
		484	`$xh->add_attribute("class", "form-control");`
		485	`$xh->add_attribute("id", "wlCond");`
		486	`$xh->tag('select');`
		487	`$xh->tag('option', "Any");`
		488	`$xh->tag('option', "New");`
		489	`$xh->tag('option', "Used");`
		490	`$xh->close(); // select`
		491	`$xh->close(); // div`
		492	`$xh->add_attribute("class", "form-group");`
		493	`$xh->tag('div');`
		494	`$xh->add_attribute("for", "wlFormat");`
		495	`$xh->tag('label', "Format:");`
		496	`$xh->add_attribute("class", "form-control");`
		497	`$xh->add_attribute("id", "wlFormat");`
		498	`$xh->tag('select');`
		499	`$xh->tag('option', "Any");`
		500	`$xh->tag('option', "CD");`
		501	`$xh->tag('option', "Record");`
		502	`$xh->tag('option', "Digital");`
		503	`$xh->tag('option', "Book");`
		504	`$xh->close(); // select`
		505	`$xh->close(); // div`
		506	`$xh->add_attribute("class", "form-group");`
		507	`$xh->tag('div');`
		508	`$xh->add_attribute("for", "wlPrice");`
		509	`$xh->tag('label', "Ceiling Price:");`
		510	`$xh->add_attribute("type", "text");`
		511	`$xh->add_attribute("class", "form-control");`
		512	`$xh->add_attribute("id", "wlPrice");`
		513	`$xh->single_tag('input');`
		514	`$xh->close(); // div`
		515	`$xh->close(); // div`
		516	`$xh->add_attribute("class", "modal-footer bg-secondary");`
		517	`$xh->tag('div');`
		518	`$xh->add_attribute("id", "saveEditedWl");`
		519	`$xh->add_attribute("type", "button");`
		520	`$xh->add_attribute("class", "btn btn-success");`
		521	`$xh->add_attribute("name", "submit");`
		522	`$xh->add_attribute("value", "Save");`
		523	`$xh->tag('button', "Save");`
		524	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		525	`$xh->tag('script');`
		526	`$str = trim('document.addEventListener("DOMContentLoaded", function() {');`
		527	`$str .= trim(' document.getElementById("saveEditedWl").addEventListener("click", function() {');`
		528	`$str .= trim(' saveEditedWishlist();');`
		529	`$str .= trim(' });');`
		530	`$str .= trim('});');`
		531	`$xh->insert_code($str);`
		532	`$xh->close(); // script`
		533	`$xh->add_attribute("type", "button");`
		534	`$xh->add_attribute("class", "btn btn-danger");`
		535	`$xh->add_attribute("data-dismiss", "modal");`
		536	`$xh->tag('button', "Cancel");`
		537	`$xh->close(); // div`
		538	`$xh->close(); // div`
		539	`$xh->close(); // div`
		540	`$xh->close(); // div`
		541	`$xh->close(); // div`
65	-	542	`}`
		543	`else {`
127	-	544	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		545	`$xh->tag('div');`
		546	`$xh->add_attribute("class", "display-6");`
		547	`$xh->tag('p');`
		548	`$xh->add_attribute("class", "material-icons");`
		549	`$xh->tag('i', "bookmark");`
		550	`$xh->tag('span', " Your wishlist is currently empty. Add matching albums from the search results.");`
		551	`$xh->close(); // p`
		552	`$xh->close(); // div`
46	-	553	`}`
		554	`}`
65	-	555	`else if (mysqli_errno($conn)) {`
		556	`error_log("MySQL Read Wishlist SQL: " . $sql);`
		557	`error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		558	`}`
46	-	559
127	-	560	`$html = $xh->flush();`
		561	`//error_log(print_r($html, 1));`
		562
		563	`return $html;`
52	-	564	`}`
		565
		566	`function deleteWishlist($uid, $id) {`
		567	`$conn = MySessionHandler::getDBSessionId();`
		568
		569	`$id = mysqli_real_escape_string($conn, $id);`
		570	`$uid = mysqli_real_escape_string($conn, $uid);`
		571
		572	`$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";`
		573
		574	`if (!($result = mysqli_query($conn, $sql))) {`
65	-	575	`error_log("MySQL Delete Wishlist SQL: " . $sql);`
		576	`error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		577	`return -1;`
52	-	578	`}`
		579
		580	`return 0;`
		581	`}`
		582
		583	`function updateWishlist($uid, $wlArr) {`
		584	`$nul = 'NULL';`
		585	`$conn = MySessionHandler::getDBSessionId();`
		586
		587	`$modified = mysqli_real_escape_string($conn, time());`
		588
		589	`$id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");`
		590	`$uid = mysqli_real_escape_string($conn, $uid);`
		591	`$barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");`
		592	`$title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";`
		593	`$artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";`
73	-	594	`$cond = isset($wlArr['cond']) ? mysqli_real_escape_string($conn, $wlArr['cond']) : "Any";`
52	-	595	`$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";`
		596	`$currency = 'USD'; //bugbug`
		597	`$price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";`
		598
		599	`$sql = "UPDATE wishlist`
73	-	600	`SET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", cond='$cond', format='$format', price=" . $price . "`
52	-	601	`WHERE id=$id and uid=$uid";`
		602
		603	`if ($result = mysqli_query($conn, $sql)) {`
		604	`return 0;`
65	-	605	`}`
		606	`else {`
52	-	607	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		608	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		609	`return -1;`
		610	`}`
		611
		612	`return -1;`
		613	`}`
73	-	614
		615	`function unsubscribeWishlist($arr) {`
116	-	616	`if (empty($arr['id']) \|\| empty($arr['email'])) {`
		617	`return "";`
		618	`}`
73	-	619	`$conn = MySessionHandler::getDBSessionId();`
		620
		621	`$modified = mysqli_real_escape_string($conn, time());`
		622
		623	`$id = mysqli_real_escape_string($conn, $arr['id']);`
		624	`$email = mysqli_real_escape_string($conn, $arr['email']);`
		625
		626	`$sql = "UPDATE users`
		627	`SET wlEmailFlag = '0'`
		628	`WHERE id=$id and email='$email'";`
		629
		630	`if (!($result = mysqli_query($conn, $sql))) {`
		631	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		632	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		633	`}`
		634
127	-	635	`$xh = new Html;`
		636	`$xh->init($_SESSION["htmlIndent"]);`
73	-	637
127	-	638	`$xh->add_attribute("class", "container text-center bg-warning p-3 rounded");`
		639	`$xh->tag('div');`
		640	`$xh->add_attribute("class", "display-6 font-weight-bold");`
		641	`$xh->tag('p', "The wishlist price check emails for " . $email . " have been turned off.");`
		642	`$xh->tag('p', "You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.");`
		643	`$xh->close(); // div>";`
		644
		645	`$html = $xh->flush();`
		646	`//error_log(print_r($html, 1));`
		647
		648	`return $html;`
73	-	649	`}`
78	-	650
		651	`function checkPriceMonitor() {`
		652	`if (empty($_SESSION['sessData']['userID'])) {`
		653	`unset($_SESSION['priceMonitor']);`
		654	`return -1;`
		655	`}`
		656
		657	`$conn = MySessionHandler::getDBSessionId();`
		658
		659	`$uid = $_SESSION['sessData']['userID'];`
		660
		661	`$sql = "SELECT created, access`
		662	`FROM pricemonitor`
		663	`WHERE userId = '$uid'";`
		664
		665	`if ($result = mysqli_query($conn, $sql)) {`
		666	`if (mysqli_num_rows($result) > 0) {`
		667	`if ($row = mysqli_fetch_assoc($result)) {`
		668	`$_SESSION['priceMonitor']['created'] = $row['created'];`
		669	`$_SESSION['priceMonitor']['access'] = $row['access'];`
110	-	670	`if ($_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access']) {`
79	-	671	`$_SESSION['priceMonitor']['newFlag'] = true;`
		672	`} else {`
		673	`$_SESSION['priceMonitor']['newFlag'] = false;`
		674	`}`
78	-	675
		676	`return 0;`
		677	`}`
		678	`}`
		679	`}`
		680	`else if (mysqli_errno($conn)) {`
		681	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		682	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		683	`}`
		684
		685	`return -1;`
		686	`}`
		687
		688
		689	`function getPriceMonitor() {`
127	-	690	`$xh = new Html;`
		691	`$xh->init($_SESSION["htmlIndent"]);`
		692
107	-	693	`if (!isLoggedIn()) {`
127	-	694	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		695	`$xh->tag('div');`
		696	`$xh->add_attribute("class", "display-6");`
		697	`$xh->tag('p');`
		698	`$xh->add_attribute("class", "material-icons");`
		699	`$xh->tag('i', "error_outline");`
		700	`$xh->tag('span', " Please login to your Find Cheap Music account in order to see the price monitor results.");`
		701	`$xh->close(); // p`
		702	`$xh->close(); // div`
		703
		704	`$html = $xh->flush();`
		705	`//error_log(print_r($html, 1));`
		706
		707	`return $html;`
107	-	708	`}`
		709
78	-	710	`$conn = MySessionHandler::getDBSessionId();`
		711
		712	`$uid = $_SESSION['sessData']['userID'];`
		713
		714	`$sql = "SELECT data`
		715	`FROM pricemonitor`
		716	`WHERE userId = '$uid'";`
		717
		718	`if ($result = mysqli_query($conn, $sql)) {`
		719	`if (mysqli_num_rows($result) > 0) {`
		720	`if ($row = mysqli_fetch_assoc($result)) {`
		721	`$access = mysqli_real_escape_string($conn, time());`
		722	`$sql = "UPDATE pricemonitor`
		723	`SET access = $access`
		724	`WHERE userId = '$uid'";`
		725	`if (!($result = mysqli_query($conn, $sql))) {`
		726	`error_log("MySQL Update Price Monitor SQL: " . $sql);`
		727	`error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . $error . ")");`
		728	`}`
		729
121	-	730	`$html = gzdecode(base64_decode($row['data']));`
		731	`$html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);`
		732	`return ($html);`
78	-	733	`}`
		734	`}`
		735	`}`
		736	`else if (mysqli_errno($conn)) {`
		737	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		738	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		739	`}`
		740
127	-	741	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		742	`$xh->tag('div');`
		743	`$xh->add_attribute("class", "display-6");`
		744	`$xh->tag('p');`
		745	`$xh->add_attribute("class", "material-icons");`
		746	`$xh->tag('i', "bookmark");`
		747	`$xh->tag('span', " Your price monitor list is currently empty.");`
		748	`$xh->close(); // p`
		749	`$xh->close(); // div`
		750
		751	`$html = $xh->flush();`
		752	`//error_log(print_r($html, 1));`
		753
		754	`return $html;`
78	-	755	`}`

Subversion Repositories cheapmusic

(root)/www/php/wishlist.php – Rev 127