WebSVN – cheapmusic – Blame – /www/php/wishlist.php

Rev	Author	Line No.	Line
45	-	1	`<?php`
65	-	2	`include_once ('php/clsLibGTIN.php');`
		3	`include_once ('php/constants.php');`
45	-	4
		5	`error_reporting(E_ALL);`
		6
65	-	7	`// add new entry to wishlist`
52	-	8	`function addWishlist($uid, $wlArr) {`
50	-	9	`$nul = 'NULL';`
45	-	10	`$conn = MySessionHandler::getDBSessionId();`
		11
		12	`$created = mysqli_real_escape_string($conn, time());`
		13	`$modified = $created;`
		14
52	-	15	`$uid = mysqli_real_escape_string($conn, $uid);`
		16	`$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";`
		17	`$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";`
143	-	18	`$asin = isset($wlArr->{'asin'}) ? mysqli_real_escape_string($conn, $wlArr->{'asin'}) : "";`
50	-	19	`$barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");`
		20	`$title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";`
		21	`$artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";`
73	-	22	`$cond = 'Any';`
45	-	23	`$format = 'Any';`
46	-	24	`$currency = 'USD'; //bugbug`
45	-	25	`$price = 'NULL';`
50	-	26	`$url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";`
		27	`$thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";`
96	-	28	`$ip = inet_pton($_SERVER['REMOTE_ADDR']);`
45	-	29
		30	`$sql = "INSERT`
		31	`INTO wishlist`
96	-	32	`(id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail)`
143	-	33	`VALUES (NULL, '$created', '$ip', '$modified', '$uid', '$mid', '$rid', '$asin', " . $barcode . ", " . $title . ", " . $artist . ", '$cond', '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";`
45	-	34
		35	`if ($result = mysqli_query($conn, $sql)) {`
52	-	36	`return 0;`
65	-	37	`}`
		38	`else {`
45	-	39	`$error = mysqli_errno($conn);`
		40	`if ($error == 1062) {`
52	-	41	`return 1;`
65	-	42	`}`
		43	`else {`
45	-	44	`error_log("MySQL Read Wishlist SQL: " . $sql);`
52	-	45	`error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		46	`return -1;`
45	-	47	`}`
		48	`}`
		49
52	-	50	`return -1;`
45	-	51	`}`
		52
46	-	53	`function checkWishlist($type, $id) {`
45	-	54	`$conn = MySessionHandler::getDBSessionId();`
81	-	55	`if ($type == "master") {`
		56	`$colName = "mid";`
		57	`} else if ($type == "release") {`
		58	`$colName = "rid";`
		59	`} else if ($type == "asin") {`
		60	`$colName = "asin";`
		61	`}`
45	-	62
52	-	63	`$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);`
45	-	64
		65	`$sql = "SELECT id`
		66	`FROM wishlist`
81	-	67	`WHERE uid = '$uid' and $colName = '$id'";`
45	-	68
		69	`if ($result = mysqli_query($conn, $sql)) {`
		70	`if (mysqli_num_rows($result) > 0) {`
		71	`return true;`
		72	`}`
		73	`}`
65	-	74	`else if (mysqli_errno($conn)) {`
		75	`error_log("MySQL Check Wishlist SQL: " . $sql);`
		76	`error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		77	`return true;`
		78	`}`
45	-	79
		80	`return false;`
46	-	81	`}`
		82
		83	`function getWishlist() {`
127	-	84	`$xh = new Html;`
		85	`$xh->init($_SESSION["htmlIndent"]);`
		86
107	-	87	`if (!isLoggedIn()) {`
127	-	88	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		89	`$xh->tag('div');`
		90	`$xh->add_attribute("class", "display-6");`
		91	`$xh->tag('p');`
		92	`$xh->add_attribute("class", "material-icons");`
		93	`$xh->tag('i', "error_outline");`
		94	`$xh->tag('span', " Please login to your Find Cheap Music account in order to maintain the wishlist.");`
		95	`$xh->close(); // p`
		96	`$xh->close(); // div`
		97
		98	`$html = $xh->flush();`
		99	`//error_log(print_r($html, 1));`
		100
		101	`return $html;`
107	-	102	`}`
		103
46	-	104	`$conn = MySessionHandler::getDBSessionId();`
		105
		106	`$uid = $_SESSION['sessData']['userID'];`
		107
		108	`$sql = "SELECT *`
		109	`FROM wishlist`
		110	`WHERE uid = '$uid'";`
		111
		112	`if ($result = mysqli_query($conn, $sql)) {`
		113	`if (mysqli_num_rows($result) > 0) {`
143	-	114	`$xh->add_attribute("class", "container pt-3");`
		115	`$xh->tag('div');`
127	-	116	`$xh->add_attribute("method", "post");`
		117	`$xh->add_attribute("action", "/index.php");`
		118	`$xh->tag('form');`
		119	`$xh->insert_code(inputSessionTab());`
		120	`$xh->add_attribute("id", "discogsTitle");`
		121	`$xh->add_attribute("type", "hidden");`
		122	`$xh->add_attribute("name", "discogsTitle");`
		123	`$xh->add_attribute("value", "");`
		124	`$xh->single_tag('input');`
		125	`$xh->add_attribute("id", "discogsArtist");`
		126	`$xh->add_attribute("type", "hidden");`
		127	`$xh->add_attribute("name", "discogsArtist");`
		128	`$xh->add_attribute("value", "");`
		129	`$xh->single_tag('input');`
		130	`$xh->add_attribute("id", "discogsBarcode");`
		131	`$xh->add_attribute("type", "hidden");`
		132	`$xh->add_attribute("name", "discogsBarcode");`
		133	`$xh->add_attribute("value", "");`
		134	`$xh->single_tag('input');`
		135	`$xh->insert_code(inputNonce());`
		136	`$xh->add_attribute("class", "table");`
		137	`$xh->tag('div');`
		138	`$xh->add_attribute("id", "wishlistTable");`
143	-	139	`$xh->add_attribute("class", "table table-striped condensed table-hover small w-100 DataTable");`
		140	`$xh->add_attribute("data-paging", "false");`
		141	`$xh->add_attribute("data-searching", "true");`
		142	`$xh->add_attribute("data-state-save", "false");`
		143	`$xh->add_attribute("data-info", "true");`
		144	`$xh->add_attribute("data-ordering", "true");`
		145	`$xh->add_attribute("data-order", "[[ 1, "asc" ]]");`
		146	`$xh->add_attribute("data-responsive", "true");`
127	-	147	`$xh->tag('table');`
143	-	148	`$xh->add_attribute("class", "thead-dark table-header-sticky");`
127	-	149	`$xh->tag('thead');`
		150	`$xh->tag('tr');`
143	-	151	`$xh->add_attribute("data-name", "image");`
		152	`$xh->add_attribute("data-width", "15%");`
		153	`$xh->add_attribute("data-orderable", "false");`
		154	`$xh->add_attribute("data-priority", "1");`
127	-	155	`$xh->tag('th', "");`
143	-	156	`$xh->add_attribute("data-name", "artist");`
		157	`$xh->add_attribute("data-priority", "1");`
		158	`$xh->add_attribute("class", "text-left");`
		159	`$xh->tag('th', "Artist");`
46	-	160
143	-	161	`$xh->add_attribute("data-name", "title");`
		162	`$xh->add_attribute("data-priority", "1");`
		163	`$xh->add_attribute("class", "text-left");`
		164	`$xh->tag('th', "Title");`
127	-	165
143	-	166	`$xh->add_attribute("data-name", "barcode");`
		167	`$xh->add_attribute("data-priority", "4");`
		168	`$xh->tag('th', "Barcode");`
127	-	169
143	-	170	`$xh->add_attribute("data-name", "condition");`
		171	`$xh->add_attribute("data-priority", "3");`
		172	`$xh->tag('th', "Condition");`
127	-	173
143	-	174	`$xh->add_attribute("data-name", "format");`
		175	`$xh->add_attribute("data-priority", "3");`
		176	`$xh->tag('th', "Format");`
127	-	177
143	-	178	`$xh->add_attribute("data-name", "price");`
		179	`$xh->add_attribute("data-priority", "2");`
		180	`$xh->tag('th', "Price");`
127	-	181
143	-	182	`$xh->add_attribute("data-name", "icons");`
		183	`$xh->add_attribute("data-priority", "1");`
		184	`$xh->add_attribute("data-orderable", "false");`
127	-	185	`$xh->tag('th', "");`
		186	`$xh->close(); // tr`
		187	`$xh->close(); // thead`
143	-	188
127	-	189	`$xh->tag('tbody');`
		190
65	-	191	`while ($row = mysqli_fetch_assoc($result)) {`
141	-	192	`$artist = (empty($row["artist"]) ? "" : htmlentities($row["artist"]));`
125	-	193	`$altText = "Image for " . htmlentities($row['title']) . " by " . $artist;`
46	-	194	`$price = print_monetary($row['price'], $row['currency']);`
141	-	195	`$searchTitle = 'Searching for:<br><br><strong>';`
		196	`if (!empty($row['title'])) { $searchTitle .= htmlentities($row['title']); }`
		197	`if (!empty($row['title']) && !empty($artist)) { $searchTitle .= " by "; }`
		198	`if (!empty($artist)) { $searchTitle .= $artist; }`
50	-	199	`if ($row['barcode'] !== null) {`
		200	`$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";`
		201	`}`
52	-	202	`$searchTitle .= "</strong>";`
143	-	203	`$xh->add_attribute("id", "wlIdRow" . $row['id']);`
130	-	204	`$xh->add_attribute("data-id", $row['id']);`
		205	`$xh->add_attribute("data-title", htmlentities($row['title']));`
		206	`$xh->add_attribute("data-artist", $artist);`
		207	`$xh->add_attribute("data-barcode", htmlentities($row['barcode']));`
		208	`$xh->add_attribute("data-search-title", $searchTitle);`
127	-	209	`$xh->tag('tr');`
143	-	210	`$xh->add_attribute("class", "wl-img");`
127	-	211	`$xh->tag('td');`
		212	`$xh->add_attribute("class", "img-fluid lazyload");`
		213	`$xh->add_attribute("src",PIXEL);`
		214	`$xh->add_attribute("data-src", $row["thumbnail"]);`
		215	`$xh->add_attribute("alt", $altText);`
		216	`$xh->single_tag('img');`
		217	`$xh->close(); // td`
52	-	218
127	-	219	`$xh->tag('td', $artist);`
		220	`$xh->tag('td', htmlentities($row['title']));`
143	-	221	`$xh->add_attribute("data-order", htmlentities($row['barcode']));`
127	-	222	`$xh->tag('td', displayBarcode($row['barcode']));`
		223	`$xh->tag('td', $row['cond']);`
		224	`$xh->tag('td', $row['format']);`
143	-	225	`$xh->add_attribute("data-order", $row['price']);`
127	-	226	`$xh->tag('td', $price);`
		227	`$xh->tag('td');`
		228	`$xh->add_attribute("id", "wlEditBtn" . $row['id']);`
		229	`$xh->add_attribute("class", "btn btn-sm btn-warning rounded px-1");`
		230	`$xh->add_attribute("type", "button");`
		231	`$xh->add_attribute("data-toggle", "tooltip");`
		232	`$xh->add_attribute("title", "Edit");`
		233	`$xh->add_attribute("aria-label", "Edit Entry");`
		234	`$xh->tag('button');`
		235	`$xh->add_attribute("class", "material-icons");`
		236	`$xh->tag('i', "edit");`
		237	`$xh->close(); // button`
		238	`$xh->tag('span' , " ");`
		239	`$xh->add_attribute("id", "wlDeleteBtn" . $row['id']);`
		240	`$xh->add_attribute("class", "btn btn-sm btn-danger rounded px-1");`
		241	`$xh->add_attribute("type", "button");`
		242	`$xh->add_attribute("data-toggle", "tooltip");`
		243	`$xh->add_attribute("title", "Delete");`
		244	`$xh->add_attribute("aria-label", "Delete Entry");`
		245	`$xh->tag('button');`
		246	`$xh->add_attribute("class", "material-icons");`
		247	`$xh->tag('i', "cancel_presentation");`
		248	`$xh->close(); // button`
		249	`$xh->tag('span' , " ");`
130	-	250	`$xh->add_attribute("id", "wlInfoBtn" . $row['id']);`
143	-	251	`$xh->add_attribute("class", "btn btn-sm btn-info rounded px-1");`
127	-	252	`$xh->add_attribute("role", "button");`
		253	`$xh->add_attribute("data-toggle", "tooltip");`
		254	`$xh->add_attribute("title", "Information");`
		255	`$xh->add_attribute("aria-label", "Information for Entry");`
		256	`$xh->add_attribute("href", htmlentities($row['url']));`
		257	`$xh->add_attribute("target", "_blank", "rel", "noreferrer noopener");`
		258	`$xh->tag('a');`
		259	`$xh->add_attribute("class", "material-icons");`
		260	`$xh->tag('i', "info_outline");`
		261	`$xh->close(); // a`
		262	`$xh->tag('span' , " ");`
		263	`$xh->add_attribute("id", "wlSearchBtn" . $row['id']);`
		264	`$xh->add_attribute("type", "submit");`
134	-	265	`$xh->add_attribute("name", "submitBtn");`
127	-	266	`$xh->add_attribute("value", "discogsSearch");`
		267	`$xh->add_attribute("class", "btn btn-sm btn-success rounded px-1");`
		268	`$xh->tag('button');`
		269	`$xh->add_attribute("class", "material-icons");`
		270	`$xh->add_attribute("title", "Search for Store Offers");`
		271	`$xh->add_attribute("aria-label", "Search Store Offers for Entry");`
		272	`$xh->add_attribute("data-toggle", "tooltip");`
		273	`$xh->tag('i', "search");`
		274	`$xh->close(); // button`
		275	`$xh->close(); // td`
		276	`$xh->close(); // tr`
46	-	277	`}`
52	-	278
127	-	279	`$xh->close(); // tbody`
		280	`$xh->close(); // table`
130	-	281	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		282	`$xh->tag('script');`
137	-	283	`$str = my_trim('document.addEventListener("DOMContentLoaded", function() {');`
		284	`$str .= my_trim(' document.getElementById("wishlistTable").addEventListener("click", function(event) {');`
		285	`$str .= my_trim(' e = event.target.closest("button") \|\| event.target.closest("a");');`
		286	`$str .= my_trim(' tr = event.target.closest("tr");');`
143	-	287	`$str .= my_trim(' if ($(tr).hasClass("child")) {');`
		288	`$str .= my_trim(' tr = tr.previousElementSibling;');`
		289	`$str .= my_trim(' }');`
137	-	290	`$str .= my_trim(' if (e && tr && e.id.startsWith("wlEditBtn")) {');`
		291	`$str .= my_trim(' var id = tr.getAttribute("data-id");');`
		292	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Edit", "eventLabel" : ""});');`
		293	`$str .= my_trim(' editWishlist(id, e);');`
		294	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlDeleteBtn")) {');`
		295	`$str .= my_trim(' var id = tr.getAttribute("data-id");');`
		296	`$str .= my_trim(' var title = tr.getAttribute("data-title");');`
		297	`$str .= my_trim(' var artist = tr.getAttribute("data-artist");');`
		298	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Delete", "eventLabel" : ""});');`
		299	`$str .= my_trim(' deleteWishlist(id, e, title, artist);');`
		300	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlInfoBtn")) {');`
		301	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Album Info", "eventAction" : "Click", "eventLabel" : ""});');`
		302	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlSearchBtn")) {');`
		303	`$str .= my_trim(' var title = tr.getAttribute("data-title");');`
		304	`$str .= my_trim(' var artist = tr.getAttribute("data-artist");');`
		305	`$str .= my_trim(' var barcode = tr.getAttribute("data-barcode");');`
		306	`$str .= my_trim(' var searchTitle = tr.getAttribute("data-search-title");');`
		307	`$str .= my_trim(' document.getElementById("discogsTitle").value = title;');`
		308	`$str .= my_trim(' document.getElementById("discogsArtist").value = artist;');`
		309	`$str .= my_trim(' document.getElementById("discogsBarcode").value = barcode;');`
		310	`$str .= my_trim(' progressBar(searchTitle);');`
		311	`$str .= my_trim(' if (window.google_tag_manager && window.ga && ga.create) {');`
		312	`$str .= my_trim(' event.preventDefault();');`
141	-	313	`$str .= my_trim(' var st = "";');`
137	-	314	`$str .= my_trim(' var form = event.target.closest("form");');`
		315	`$str .= my_trim(' var input = document.createElement("input");');`
		316	`$str .= my_trim(' input.setAttribute("type", "hidden");');`
		317	`$str .= my_trim(' input.setAttribute("name", "submitBtn");');`
		318	`$str .= my_trim(' input.setAttribute("value", "discogsSearch");');`
		319	`$str .= my_trim(' form.appendChild(input);');`
141	-	320	`$str .= my_trim(' if (title.length > 0) st += title;');`
		321	`$str .= my_trim(' if (title.length > 0 && artist.length > 0) st += " by ";');`
		322	`$str .= my_trim(' if (artist.length > 0) st += artist;');`
		323	`$str .= my_trim(' window.dataLayer.push({ "event" : "search", "search_term" : st, "eventCallback": function () {form.submit();}});');`
137	-	324	`$str .= my_trim(' }');`
		325	`$str .= my_trim(' }');`
		326	`$str .= my_trim(' });');`
		327	`$str .= my_trim('});');`
130	-	328	`$xh->insert_code($str);`
		329	`$xh->close(); // script`
		330
127	-	331	`$xh->close(); // div`
		332	`$xh->close(); // form`
		333
		334	`$xh->add_attribute("class", "modal fade");`
		335	`$xh->add_attribute("id", "editWishlistModal");`
		336	`$xh->tag('div');`
		337	`$xh->add_attribute("class", "modal-dialog");`
		338	`$xh->tag('div');`
		339	`$xh->add_attribute("class", "modal-content");`
		340	`$xh->tag('div');`
		341	`$xh->add_attribute("class", "modal-header bg-secondary");`
		342	`$xh->tag('div');`
		343	`$xh->add_attribute("class", "modal-title display-6");`
		344	`$xh->tag('p', "Edit Wishlist Entry");`
		345	`$xh->close(); // div>`
		346	`$xh->add_attribute("class", "mt-0");`
		347	`$xh->add_attribute("id", "wlMsg");`
		348	`$xh->tag('span', "");`
		349	`$xh->insert_code(inputSessionTab());`
		350	`$xh->add_attribute("type", "hidden");`
		351	`$xh->add_attribute("name", "wlId");`
		352	`$xh->add_attribute("id", "wlId");`
		353	`$xh->single_tag('input');`
		354	`$xh->add_attribute("class", "modal-body");`
		355	`$xh->tag('div');`
		356	`$xh->add_attribute("class", "form-group");`
		357	`$xh->tag('div');`
		358	`$xh->add_attribute("for", "wlArtist");`
		359	`$xh->tag('label', "Artist:");`
		360	`$xh->add_attribute("type", "text");`
143	-	361	`$xh->add_attribute("class", "form-control clearable");`
127	-	362	`$xh->add_attribute("id", "wlArtist");`
		363	`$xh->single_tag('input');`
		364	`$xh->close(); // div`
		365	`$xh->add_attribute("class", "form-group");`
		366	`$xh->tag('div');`
		367	`$xh->add_attribute("for", "wlTitle");`
		368	`$xh->tag('label', "Title:");`
		369	`$xh->add_attribute("type", "text");`
143	-	370	`$xh->add_attribute("class", "form-control clearable");`
127	-	371	`$xh->add_attribute("id", "wlTitle");`
		372	`$xh->single_tag('input');`
		373	`$xh->close(); // div`
		374	`$xh->add_attribute("class", "form-group");`
		375	`$xh->tag('div');`
		376	`$xh->add_attribute("for", "wlBarcode");`
		377	`$xh->tag('label', "Barcode:");`
		378	`$xh->add_attribute("type", "text");`
143	-	379	`$xh->add_attribute("class", "form-control clearable");`
127	-	380	`$xh->add_attribute("id", "wlBarcode");`
		381	`$xh->single_tag('input');`
		382	`$xh->close(); // div`
		383	`$xh->add_attribute("class", "form-group");`
		384	`$xh->tag('div');`
		385	`$xh->add_attribute("for", "wlCond");`
		386	`$xh->tag('label', "Condition:");`
		387	`$xh->add_attribute("class", "form-control");`
		388	`$xh->add_attribute("id", "wlCond");`
		389	`$xh->tag('select');`
		390	`$xh->tag('option', "Any");`
		391	`$xh->tag('option', "New");`
		392	`$xh->tag('option', "Used");`
		393	`$xh->close(); // select`
		394	`$xh->close(); // div`
		395	`$xh->add_attribute("class", "form-group");`
		396	`$xh->tag('div');`
		397	`$xh->add_attribute("for", "wlFormat");`
		398	`$xh->tag('label', "Format:");`
		399	`$xh->add_attribute("class", "form-control");`
		400	`$xh->add_attribute("id", "wlFormat");`
		401	`$xh->tag('select');`
		402	`$xh->tag('option', "Any");`
		403	`$xh->tag('option', "CD");`
		404	`$xh->tag('option', "Record");`
		405	`$xh->tag('option', "Digital");`
		406	`$xh->tag('option', "Book");`
		407	`$xh->close(); // select`
		408	`$xh->close(); // div`
		409	`$xh->add_attribute("class", "form-group");`
		410	`$xh->tag('div');`
		411	`$xh->add_attribute("for", "wlPrice");`
		412	`$xh->tag('label', "Ceiling Price:");`
		413	`$xh->add_attribute("type", "text");`
143	-	414	`$xh->add_attribute("class", "form-control clearable");`
127	-	415	`$xh->add_attribute("id", "wlPrice");`
		416	`$xh->single_tag('input');`
		417	`$xh->close(); // div`
		418	`$xh->close(); // div`
		419	`$xh->add_attribute("class", "modal-footer bg-secondary");`
		420	`$xh->tag('div');`
		421	`$xh->add_attribute("id", "saveEditedWl");`
		422	`$xh->add_attribute("type", "button");`
		423	`$xh->add_attribute("class", "btn btn-success");`
134	-	424	`$xh->add_attribute("name", "submitBtn");`
127	-	425	`$xh->add_attribute("value", "Save");`
		426	`$xh->tag('button', "Save");`
		427	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		428	`$xh->tag('script');`
137	-	429	`$str = my_trim('document.addEventListener("DOMContentLoaded", function() {');`
		430	`$str .= my_trim(' document.getElementById("saveEditedWl").addEventListener("click", function() {');`
		431	`$str .= my_trim(' saveEditedWishlist();');`
		432	`$str .= my_trim(' });');`
		433	`$str .= my_trim('});');`
127	-	434	`$xh->insert_code($str);`
		435	`$xh->close(); // script`
		436	`$xh->add_attribute("type", "button");`
		437	`$xh->add_attribute("class", "btn btn-danger");`
		438	`$xh->add_attribute("data-dismiss", "modal");`
		439	`$xh->tag('button', "Cancel");`
		440	`$xh->close(); // div`
		441	`$xh->close(); // div`
		442	`$xh->close(); // div`
		443	`$xh->close(); // div`
		444	`$xh->close(); // div`
65	-	445	`}`
		446	`else {`
127	-	447	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		448	`$xh->tag('div');`
		449	`$xh->add_attribute("class", "display-6");`
		450	`$xh->tag('p');`
		451	`$xh->add_attribute("class", "material-icons");`
		452	`$xh->tag('i', "bookmark");`
		453	`$xh->tag('span', " Your wishlist is currently empty. Add matching albums from the search results.");`
		454	`$xh->close(); // p`
		455	`$xh->close(); // div`
46	-	456	`}`
		457	`}`
65	-	458	`else if (mysqli_errno($conn)) {`
		459	`error_log("MySQL Read Wishlist SQL: " . $sql);`
		460	`error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		461	`}`
46	-	462
127	-	463	`$html = $xh->flush();`
		464	`//error_log(print_r($html, 1));`
		465
		466	`return $html;`
52	-	467	`}`
		468
		469	`function deleteWishlist($uid, $id) {`
		470	`$conn = MySessionHandler::getDBSessionId();`
		471
		472	`$id = mysqli_real_escape_string($conn, $id);`
		473	`$uid = mysqli_real_escape_string($conn, $uid);`
		474
		475	`$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";`
		476
		477	`if (!($result = mysqli_query($conn, $sql))) {`
65	-	478	`error_log("MySQL Delete Wishlist SQL: " . $sql);`
		479	`error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		480	`return -1;`
52	-	481	`}`
		482
		483	`return 0;`
		484	`}`
		485
		486	`function updateWishlist($uid, $wlArr) {`
		487	`$nul = 'NULL';`
		488	`$conn = MySessionHandler::getDBSessionId();`
		489
		490	`$modified = mysqli_real_escape_string($conn, time());`
		491
		492	`$id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");`
		493	`$uid = mysqli_real_escape_string($conn, $uid);`
		494	`$barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");`
		495	`$title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";`
		496	`$artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";`
73	-	497	`$cond = isset($wlArr['cond']) ? mysqli_real_escape_string($conn, $wlArr['cond']) : "Any";`
52	-	498	`$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";`
		499	`$currency = 'USD'; //bugbug`
		500	`$price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";`
		501
		502	`$sql = "UPDATE wishlist`
73	-	503	`SET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", cond='$cond', format='$format', price=" . $price . "`
52	-	504	`WHERE id=$id and uid=$uid";`
		505
		506	`if ($result = mysqli_query($conn, $sql)) {`
		507	`return 0;`
65	-	508	`}`
		509	`else {`
52	-	510	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		511	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		512	`return -1;`
		513	`}`
		514
		515	`return -1;`
		516	`}`
73	-	517
		518	`function unsubscribeWishlist($arr) {`
116	-	519	`if (empty($arr['id']) \|\| empty($arr['email'])) {`
		520	`return "";`
		521	`}`
73	-	522	`$conn = MySessionHandler::getDBSessionId();`
		523
		524	`$modified = mysqli_real_escape_string($conn, time());`
		525
		526	`$id = mysqli_real_escape_string($conn, $arr['id']);`
		527	`$email = mysqli_real_escape_string($conn, $arr['email']);`
		528
		529	`$sql = "UPDATE users`
		530	`SET wlEmailFlag = '0'`
		531	`WHERE id=$id and email='$email'";`
		532
		533	`if (!($result = mysqli_query($conn, $sql))) {`
		534	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		535	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		536	`}`
		537
127	-	538	`$xh = new Html;`
		539	`$xh->init($_SESSION["htmlIndent"]);`
73	-	540
127	-	541	`$xh->add_attribute("class", "container text-center bg-warning p-3 rounded");`
		542	`$xh->tag('div');`
		543	`$xh->add_attribute("class", "display-6 font-weight-bold");`
		544	`$xh->tag('p', "The wishlist price check emails for " . $email . " have been turned off.");`
		545	`$xh->tag('p', "You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.");`
		546	`$xh->close(); // div>";`
		547
		548	`$html = $xh->flush();`
		549	`//error_log(print_r($html, 1));`
		550
		551	`return $html;`
73	-	552	`}`
78	-	553
		554	`function checkPriceMonitor() {`
		555	`if (empty($_SESSION['sessData']['userID'])) {`
		556	`unset($_SESSION['priceMonitor']);`
		557	`return -1;`
		558	`}`
		559
		560	`$conn = MySessionHandler::getDBSessionId();`
		561
		562	`$uid = $_SESSION['sessData']['userID'];`
		563
		564	`$sql = "SELECT created, access`
		565	`FROM pricemonitor`
		566	`WHERE userId = '$uid'";`
		567
		568	`if ($result = mysqli_query($conn, $sql)) {`
		569	`if (mysqli_num_rows($result) > 0) {`
		570	`if ($row = mysqli_fetch_assoc($result)) {`
		571	`$_SESSION['priceMonitor']['created'] = $row['created'];`
		572	`$_SESSION['priceMonitor']['access'] = $row['access'];`
110	-	573	`if ($_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access']) {`
79	-	574	`$_SESSION['priceMonitor']['newFlag'] = true;`
		575	`} else {`
		576	`$_SESSION['priceMonitor']['newFlag'] = false;`
		577	`}`
78	-	578
		579	`return 0;`
		580	`}`
		581	`}`
		582	`}`
		583	`else if (mysqli_errno($conn)) {`
		584	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		585	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		586	`}`
		587
		588	`return -1;`
		589	`}`
		590
		591
		592	`function getPriceMonitor() {`
127	-	593	`$xh = new Html;`
		594	`$xh->init($_SESSION["htmlIndent"]);`
		595
107	-	596	`if (!isLoggedIn()) {`
127	-	597	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		598	`$xh->tag('div');`
		599	`$xh->add_attribute("class", "display-6");`
		600	`$xh->tag('p');`
		601	`$xh->add_attribute("class", "material-icons");`
		602	`$xh->tag('i', "error_outline");`
		603	`$xh->tag('span', " Please login to your Find Cheap Music account in order to see the price monitor results.");`
		604	`$xh->close(); // p`
		605	`$xh->close(); // div`
		606
		607	`$html = $xh->flush();`
		608	`//error_log(print_r($html, 1));`
		609
		610	`return $html;`
107	-	611	`}`
		612
78	-	613	`$conn = MySessionHandler::getDBSessionId();`
		614
		615	`$uid = $_SESSION['sessData']['userID'];`
		616
		617	`$sql = "SELECT data`
		618	`FROM pricemonitor`
		619	`WHERE userId = '$uid'";`
		620
		621	`if ($result = mysqli_query($conn, $sql)) {`
		622	`if (mysqli_num_rows($result) > 0) {`
		623	`if ($row = mysqli_fetch_assoc($result)) {`
		624	`$access = mysqli_real_escape_string($conn, time());`
		625	`$sql = "UPDATE pricemonitor`
		626	`SET access = $access`
		627	`WHERE userId = '$uid'";`
		628	`if (!($result = mysqli_query($conn, $sql))) {`
		629	`error_log("MySQL Update Price Monitor SQL: " . $sql);`
		630	`error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . $error . ")");`
		631	`}`
		632
121	-	633	`$html = gzdecode(base64_decode($row['data']));`
		634	`$html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);`
		635	`return ($html);`
78	-	636	`}`
		637	`}`
		638	`}`
		639	`else if (mysqli_errno($conn)) {`
		640	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		641	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		642	`}`
		643
127	-	644	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		645	`$xh->tag('div');`
		646	`$xh->add_attribute("class", "display-6");`
		647	`$xh->tag('p');`
		648	`$xh->add_attribute("class", "material-icons");`
		649	`$xh->tag('i', "bookmark");`
		650	`$xh->tag('span', " Your price monitor list is currently empty.");`
		651	`$xh->close(); // p`
		652	`$xh->close(); // div`
		653
		654	`$html = $xh->flush();`
		655	`//error_log(print_r($html, 1));`
		656
		657	`return $html;`
78	-	658	`}`

Subversion Repositories cheapmusic

(root)/www/php/wishlist.php – Rev 143