WebSVN – cheapmusic – Blame – /www/php/wishlist.php

Rev	Author	Line No.	Line
45	-	1	`<?php`
65	-	2	`include_once ('php/clsLibGTIN.php');`
		3	`include_once ('php/constants.php');`
45	-	4
		5	`error_reporting(E_ALL);`
		6
65	-	7	`// add new entry to wishlist`
52	-	8	`function addWishlist($uid, $wlArr) {`
45	-	9	`$conn = MySessionHandler::getDBSessionId();`
		10
		11	`$created = mysqli_real_escape_string($conn, time());`
		12	`$modified = $created;`
		13
52	-	14	`$uid = mysqli_real_escape_string($conn, $uid);`
		15	`$mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";`
		16	`$rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";`
154	-	17	`$asin = isset($wlArr->{'asin'}) ? mysqli_real_escape_string($conn, $wlArr->{'asin'}) : null;`
		18	`$barcode = (empty($wlArr->{'barcode'}) ? null : mysqli_real_escape_string($conn, $wlArr->{'barcode'}));`
		19	`$title = isset($wlArr->{'title'}) ? mysqli_real_escape_string($conn, $wlArr->{'title'}) : null;`
		20	`$artist = isset($wlArr->{'artist'}) ? mysqli_real_escape_string($conn, $wlArr->{'artist'}) : null;`
73	-	21	`$cond = 'Any';`
45	-	22	`$format = 'Any';`
46	-	23	`$currency = 'USD'; //bugbug`
154	-	24	`$price = null;`
		25	`$url = isset($wlArr->{'url'}) ? mysqli_real_escape_string($conn, $wlArr->{'url'}) : null;`
		26	`$thumbnail = isset($wlArr->{'thumbnail'}) ? mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) : null;`
96	-	27	`$ip = inet_pton($_SERVER['REMOTE_ADDR']);`
45	-	28
		29	`$sql = "INSERT`
		30	`INTO wishlist`
154	-	31	`(id, created, ip, modified, uid, mid, rid, asin, barcode, title, artist, cond, format, currency, price, url, thumbnail, checked)`
		32	`VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 0)";`
		33	`$stmt = mysqli_prepare($conn, $sql);`
		34	`mysqli_stmt_bind_param($stmt, 'dsddddsssssssdss', $created, $ip, $modified, $uid, $mid, $rid, $asin, $barcode, $title, $artist, $cond, $format, $currency, $price, $url, $thumbnail);`
45	-	35
154	-	36	`if ($result = mysqli_stmt_execute($stmt)) {`
52	-	37	`return 0;`
65	-	38	`}`
		39	`else {`
45	-	40	`$error = mysqli_errno($conn);`
		41	`if ($error == 1062) {`
52	-	42	`return 1;`
65	-	43	`}`
		44	`else {`
154	-	45	`error_log("MySQL Write Wishlist SQL: " . $sql);`
		46	`error_log("MySQL Write Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
52	-	47	`return -1;`
45	-	48	`}`
		49	`}`
		50
154	-	51	`mysqli_stmt_close($stmt);`
		52
52	-	53	`return -1;`
45	-	54	`}`
		55
46	-	56	`function checkWishlist($type, $id) {`
45	-	57	`$conn = MySessionHandler::getDBSessionId();`
81	-	58	`if ($type == "master") {`
		59	`$colName = "mid";`
		60	`} else if ($type == "release") {`
		61	`$colName = "rid";`
		62	`} else if ($type == "asin") {`
		63	`$colName = "asin";`
		64	`}`
45	-	65
52	-	66	`$uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);`
45	-	67
		68	`$sql = "SELECT id`
		69	`FROM wishlist`
81	-	70	`WHERE uid = '$uid' and $colName = '$id'";`
45	-	71
		72	`if ($result = mysqli_query($conn, $sql)) {`
		73	`if (mysqli_num_rows($result) > 0) {`
		74	`return true;`
		75	`}`
		76	`}`
65	-	77	`else if (mysqli_errno($conn)) {`
		78	`error_log("MySQL Check Wishlist SQL: " . $sql);`
		79	`error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		80	`return true;`
		81	`}`
45	-	82
		83	`return false;`
46	-	84	`}`
		85
		86	`function getWishlist() {`
127	-	87	`$xh = new Html;`
		88	`$xh->init($_SESSION["htmlIndent"]);`
		89
107	-	90	`if (!isLoggedIn()) {`
127	-	91	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		92	`$xh->tag('div');`
		93	`$xh->add_attribute("class", "display-6");`
		94	`$xh->tag('p');`
		95	`$xh->add_attribute("class", "material-icons");`
		96	`$xh->tag('i', "error_outline");`
		97	`$xh->tag('span', " Please login to your Find Cheap Music account in order to maintain the wishlist.");`
		98	`$xh->close(); // p`
		99	`$xh->close(); // div`
		100
		101	`$html = $xh->flush();`
		102	`//error_log(print_r($html, 1));`
		103
		104	`return $html;`
107	-	105	`}`
		106
46	-	107	`$conn = MySessionHandler::getDBSessionId();`
		108
		109	`$uid = $_SESSION['sessData']['userID'];`
		110
		111	`$sql = "SELECT *`
		112	`FROM wishlist`
		113	`WHERE uid = '$uid'";`
		114
		115	`if ($result = mysqli_query($conn, $sql)) {`
		116	`if (mysqli_num_rows($result) > 0) {`
143	-	117	`$xh->add_attribute("class", "container pt-3");`
		118	`$xh->tag('div');`
127	-	119	`$xh->add_attribute("method", "post");`
		120	`$xh->add_attribute("action", "/index.php");`
		121	`$xh->tag('form');`
		122	`$xh->insert_code(inputSessionTab());`
		123	`$xh->add_attribute("id", "discogsTitle");`
		124	`$xh->add_attribute("type", "hidden");`
		125	`$xh->add_attribute("name", "discogsTitle");`
		126	`$xh->add_attribute("value", "");`
		127	`$xh->single_tag('input');`
		128	`$xh->add_attribute("id", "discogsArtist");`
		129	`$xh->add_attribute("type", "hidden");`
		130	`$xh->add_attribute("name", "discogsArtist");`
		131	`$xh->add_attribute("value", "");`
		132	`$xh->single_tag('input');`
		133	`$xh->add_attribute("id", "discogsBarcode");`
		134	`$xh->add_attribute("type", "hidden");`
		135	`$xh->add_attribute("name", "discogsBarcode");`
		136	`$xh->add_attribute("value", "");`
		137	`$xh->single_tag('input');`
		138	`$xh->insert_code(inputNonce());`
		139	`$xh->add_attribute("class", "table");`
		140	`$xh->tag('div');`
		141	`$xh->add_attribute("id", "wishlistTable");`
143	-	142	`$xh->add_attribute("class", "table table-striped condensed table-hover small w-100 DataTable");`
		143	`$xh->add_attribute("data-paging", "false");`
		144	`$xh->add_attribute("data-searching", "true");`
		145	`$xh->add_attribute("data-state-save", "false");`
		146	`$xh->add_attribute("data-info", "true");`
		147	`$xh->add_attribute("data-ordering", "true");`
		148	`$xh->add_attribute("data-order", "[[ 1, "asc" ]]");`
		149	`$xh->add_attribute("data-responsive", "true");`
127	-	150	`$xh->tag('table');`
143	-	151	`$xh->add_attribute("class", "thead-dark table-header-sticky");`
127	-	152	`$xh->tag('thead');`
		153	`$xh->tag('tr');`
143	-	154	`$xh->add_attribute("data-name", "image");`
		155	`$xh->add_attribute("data-width", "15%");`
		156	`$xh->add_attribute("data-orderable", "false");`
		157	`$xh->add_attribute("data-priority", "1");`
127	-	158	`$xh->tag('th', "");`
143	-	159	`$xh->add_attribute("data-name", "artist");`
		160	`$xh->add_attribute("data-priority", "1");`
		161	`$xh->add_attribute("class", "text-left");`
		162	`$xh->tag('th', "Artist");`
46	-	163
143	-	164	`$xh->add_attribute("data-name", "title");`
		165	`$xh->add_attribute("data-priority", "1");`
		166	`$xh->add_attribute("class", "text-left");`
		167	`$xh->tag('th', "Title");`
127	-	168
143	-	169	`$xh->add_attribute("data-name", "barcode");`
		170	`$xh->add_attribute("data-priority", "4");`
		171	`$xh->tag('th', "Barcode");`
127	-	172
143	-	173	`$xh->add_attribute("data-name", "condition");`
		174	`$xh->add_attribute("data-priority", "3");`
		175	`$xh->tag('th', "Condition");`
127	-	176
143	-	177	`$xh->add_attribute("data-name", "format");`
		178	`$xh->add_attribute("data-priority", "3");`
		179	`$xh->tag('th', "Format");`
127	-	180
143	-	181	`$xh->add_attribute("data-name", "price");`
		182	`$xh->add_attribute("data-priority", "2");`
		183	`$xh->tag('th', "Price");`
127	-	184
143	-	185	`$xh->add_attribute("data-name", "icons");`
		186	`$xh->add_attribute("data-priority", "1");`
		187	`$xh->add_attribute("data-orderable", "false");`
127	-	188	`$xh->tag('th', "");`
		189	`$xh->close(); // tr`
		190	`$xh->close(); // thead`
154	-	191
127	-	192	`$xh->tag('tbody');`
		193
65	-	194	`while ($row = mysqli_fetch_assoc($result)) {`
141	-	195	`$artist = (empty($row["artist"]) ? "" : htmlentities($row["artist"]));`
125	-	196	`$altText = "Image for " . htmlentities($row['title']) . " by " . $artist;`
46	-	197	`$price = print_monetary($row['price'], $row['currency']);`
141	-	198	`$searchTitle = 'Searching for:<br><br><strong>';`
		199	`if (!empty($row['title'])) { $searchTitle .= htmlentities($row['title']); }`
		200	`if (!empty($row['title']) && !empty($artist)) { $searchTitle .= " by "; }`
		201	`if (!empty($artist)) { $searchTitle .= $artist; }`
50	-	202	`if ($row['barcode'] !== null) {`
		203	`$searchTitle .= " (" . displayBarcode($row['barcode']) . ")";`
		204	`}`
52	-	205	`$searchTitle .= "</strong>";`
143	-	206	`$xh->add_attribute("id", "wlIdRow" . $row['id']);`
130	-	207	`$xh->add_attribute("data-id", $row['id']);`
		208	`$xh->add_attribute("data-title", htmlentities($row['title']));`
		209	`$xh->add_attribute("data-artist", $artist);`
		210	`$xh->add_attribute("data-barcode", htmlentities($row['barcode']));`
		211	`$xh->add_attribute("data-search-title", $searchTitle);`
127	-	212	`$xh->tag('tr');`
143	-	213	`$xh->add_attribute("class", "wl-img");`
127	-	214	`$xh->tag('td');`
		215	`$xh->add_attribute("class", "img-fluid lazyload");`
		216	`$xh->add_attribute("src",PIXEL);`
		217	`$xh->add_attribute("data-src", $row["thumbnail"]);`
		218	`$xh->add_attribute("alt", $altText);`
		219	`$xh->single_tag('img');`
		220	`$xh->close(); // td`
52	-	221
127	-	222	`$xh->tag('td', $artist);`
		223	`$xh->tag('td', htmlentities($row['title']));`
143	-	224	`$xh->add_attribute("data-order", htmlentities($row['barcode']));`
127	-	225	`$xh->tag('td', displayBarcode($row['barcode']));`
		226	`$xh->tag('td', $row['cond']);`
		227	`$xh->tag('td', $row['format']);`
143	-	228	`$xh->add_attribute("data-order", $row['price']);`
127	-	229	`$xh->tag('td', $price);`
		230	`$xh->tag('td');`
		231	`$xh->add_attribute("id", "wlEditBtn" . $row['id']);`
		232	`$xh->add_attribute("class", "btn btn-sm btn-warning rounded px-1");`
		233	`$xh->add_attribute("type", "button");`
		234	`$xh->add_attribute("data-toggle", "tooltip");`
		235	`$xh->add_attribute("title", "Edit");`
		236	`$xh->add_attribute("aria-label", "Edit Entry");`
		237	`$xh->tag('button');`
		238	`$xh->add_attribute("class", "material-icons");`
		239	`$xh->tag('i', "edit");`
		240	`$xh->close(); // button`
		241	`$xh->tag('span' , " ");`
		242	`$xh->add_attribute("id", "wlDeleteBtn" . $row['id']);`
		243	`$xh->add_attribute("class", "btn btn-sm btn-danger rounded px-1");`
		244	`$xh->add_attribute("type", "button");`
		245	`$xh->add_attribute("data-toggle", "tooltip");`
		246	`$xh->add_attribute("title", "Delete");`
		247	`$xh->add_attribute("aria-label", "Delete Entry");`
		248	`$xh->tag('button');`
		249	`$xh->add_attribute("class", "material-icons");`
		250	`$xh->tag('i', "cancel_presentation");`
		251	`$xh->close(); // button`
		252	`$xh->tag('span' , " ");`
130	-	253	`$xh->add_attribute("id", "wlInfoBtn" . $row['id']);`
143	-	254	`$xh->add_attribute("class", "btn btn-sm btn-info rounded px-1");`
127	-	255	`$xh->add_attribute("role", "button");`
		256	`$xh->add_attribute("data-toggle", "tooltip");`
		257	`$xh->add_attribute("title", "Information");`
		258	`$xh->add_attribute("aria-label", "Information for Entry");`
		259	`$xh->add_attribute("href", htmlentities($row['url']));`
		260	`$xh->add_attribute("target", "_blank", "rel", "noreferrer noopener");`
		261	`$xh->tag('a');`
		262	`$xh->add_attribute("class", "material-icons");`
		263	`$xh->tag('i', "info_outline");`
		264	`$xh->close(); // a`
		265	`$xh->tag('span' , " ");`
		266	`$xh->add_attribute("id", "wlSearchBtn" . $row['id']);`
		267	`$xh->add_attribute("type", "submit");`
134	-	268	`$xh->add_attribute("name", "submitBtn");`
127	-	269	`$xh->add_attribute("value", "discogsSearch");`
		270	`$xh->add_attribute("class", "btn btn-sm btn-success rounded px-1");`
		271	`$xh->tag('button');`
		272	`$xh->add_attribute("class", "material-icons");`
		273	`$xh->add_attribute("title", "Search for Store Offers");`
		274	`$xh->add_attribute("aria-label", "Search Store Offers for Entry");`
		275	`$xh->add_attribute("data-toggle", "tooltip");`
		276	`$xh->tag('i', "search");`
		277	`$xh->close(); // button`
		278	`$xh->close(); // td`
		279	`$xh->close(); // tr`
46	-	280	`}`
52	-	281
127	-	282	`$xh->close(); // tbody`
		283	`$xh->close(); // table`
130	-	284	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		285	`$xh->tag('script');`
137	-	286	`$str = my_trim('document.addEventListener("DOMContentLoaded", function() {');`
		287	`$str .= my_trim(' document.getElementById("wishlistTable").addEventListener("click", function(event) {');`
		288	`$str .= my_trim(' e = event.target.closest("button") \|\| event.target.closest("a");');`
		289	`$str .= my_trim(' tr = event.target.closest("tr");');`
143	-	290	`$str .= my_trim(' if ($(tr).hasClass("child")) {');`
		291	`$str .= my_trim(' tr = tr.previousElementSibling;');`
		292	`$str .= my_trim(' }');`
137	-	293	`$str .= my_trim(' if (e && tr && e.id.startsWith("wlEditBtn")) {');`
		294	`$str .= my_trim(' var id = tr.getAttribute("data-id");');`
		295	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Edit", "eventLabel" : ""});');`
		296	`$str .= my_trim(' editWishlist(id, e);');`
		297	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlDeleteBtn")) {');`
		298	`$str .= my_trim(' var id = tr.getAttribute("data-id");');`
		299	`$str .= my_trim(' var title = tr.getAttribute("data-title");');`
		300	`$str .= my_trim(' var artist = tr.getAttribute("data-artist");');`
		301	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Wishlist", "eventAction" : "Delete", "eventLabel" : ""});');`
		302	`$str .= my_trim(' deleteWishlist(id, e, title, artist);');`
		303	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlInfoBtn")) {');`
		304	`$str .= my_trim(' window.dataLayer.push({ "event" : "trackEvent", "eventCategory" : "Album Info", "eventAction" : "Click", "eventLabel" : ""});');`
		305	`$str .= my_trim(' } else if (e && tr && e.id.startsWith("wlSearchBtn")) {');`
		306	`$str .= my_trim(' var title = tr.getAttribute("data-title");');`
		307	`$str .= my_trim(' var artist = tr.getAttribute("data-artist");');`
		308	`$str .= my_trim(' var barcode = tr.getAttribute("data-barcode");');`
		309	`$str .= my_trim(' var searchTitle = tr.getAttribute("data-search-title");');`
		310	`$str .= my_trim(' document.getElementById("discogsTitle").value = title;');`
		311	`$str .= my_trim(' document.getElementById("discogsArtist").value = artist;');`
		312	`$str .= my_trim(' document.getElementById("discogsBarcode").value = barcode;');`
		313	`$str .= my_trim(' progressBar(searchTitle);');`
		314	`$str .= my_trim(' if (window.google_tag_manager && window.ga && ga.create) {');`
		315	`$str .= my_trim(' event.preventDefault();');`
141	-	316	`$str .= my_trim(' var st = "";');`
137	-	317	`$str .= my_trim(' var form = event.target.closest("form");');`
		318	`$str .= my_trim(' var input = document.createElement("input");');`
		319	`$str .= my_trim(' input.setAttribute("type", "hidden");');`
		320	`$str .= my_trim(' input.setAttribute("name", "submitBtn");');`
		321	`$str .= my_trim(' input.setAttribute("value", "discogsSearch");');`
		322	`$str .= my_trim(' form.appendChild(input);');`
141	-	323	`$str .= my_trim(' if (title.length > 0) st += title;');`
		324	`$str .= my_trim(' if (title.length > 0 && artist.length > 0) st += " by ";');`
		325	`$str .= my_trim(' if (artist.length > 0) st += artist;');`
		326	`$str .= my_trim(' window.dataLayer.push({ "event" : "search", "search_term" : st, "eventCallback": function () {form.submit();}});');`
137	-	327	`$str .= my_trim(' }');`
		328	`$str .= my_trim(' }');`
		329	`$str .= my_trim(' });');`
		330	`$str .= my_trim('});');`
130	-	331	`$xh->insert_code($str);`
		332	`$xh->close(); // script`
		333
127	-	334	`$xh->close(); // div`
		335	`$xh->close(); // form`
154	-	336
127	-	337	`$xh->add_attribute("class", "modal fade");`
		338	`$xh->add_attribute("id", "editWishlistModal");`
		339	`$xh->tag('div');`
		340	`$xh->add_attribute("class", "modal-dialog");`
		341	`$xh->tag('div');`
		342	`$xh->add_attribute("class", "modal-content");`
		343	`$xh->tag('div');`
		344	`$xh->add_attribute("class", "modal-header bg-secondary");`
		345	`$xh->tag('div');`
		346	`$xh->add_attribute("class", "modal-title display-6");`
		347	`$xh->tag('p', "Edit Wishlist Entry");`
		348	`$xh->close(); // div>`
		349	`$xh->add_attribute("class", "mt-0");`
		350	`$xh->add_attribute("id", "wlMsg");`
		351	`$xh->tag('span', "");`
		352	`$xh->insert_code(inputSessionTab());`
		353	`$xh->add_attribute("type", "hidden");`
		354	`$xh->add_attribute("name", "wlId");`
		355	`$xh->add_attribute("id", "wlId");`
		356	`$xh->single_tag('input');`
		357	`$xh->add_attribute("class", "modal-body");`
		358	`$xh->tag('div');`
		359	`$xh->add_attribute("class", "form-group");`
		360	`$xh->tag('div');`
		361	`$xh->add_attribute("for", "wlArtist");`
		362	`$xh->tag('label', "Artist:");`
		363	`$xh->add_attribute("type", "text");`
143	-	364	`$xh->add_attribute("class", "form-control clearable");`
127	-	365	`$xh->add_attribute("id", "wlArtist");`
		366	`$xh->single_tag('input');`
		367	`$xh->close(); // div`
		368	`$xh->add_attribute("class", "form-group");`
		369	`$xh->tag('div');`
		370	`$xh->add_attribute("for", "wlTitle");`
		371	`$xh->tag('label', "Title:");`
		372	`$xh->add_attribute("type", "text");`
143	-	373	`$xh->add_attribute("class", "form-control clearable");`
127	-	374	`$xh->add_attribute("id", "wlTitle");`
		375	`$xh->single_tag('input');`
		376	`$xh->close(); // div`
		377	`$xh->add_attribute("class", "form-group");`
		378	`$xh->tag('div');`
		379	`$xh->add_attribute("for", "wlBarcode");`
		380	`$xh->tag('label', "Barcode:");`
		381	`$xh->add_attribute("type", "text");`
143	-	382	`$xh->add_attribute("class", "form-control clearable");`
127	-	383	`$xh->add_attribute("id", "wlBarcode");`
		384	`$xh->single_tag('input');`
		385	`$xh->close(); // div`
		386	`$xh->add_attribute("class", "form-group");`
		387	`$xh->tag('div');`
		388	`$xh->add_attribute("for", "wlCond");`
		389	`$xh->tag('label', "Condition:");`
		390	`$xh->add_attribute("class", "form-control");`
		391	`$xh->add_attribute("id", "wlCond");`
		392	`$xh->tag('select');`
		393	`$xh->tag('option', "Any");`
		394	`$xh->tag('option', "New");`
		395	`$xh->tag('option', "Used");`
		396	`$xh->close(); // select`
		397	`$xh->close(); // div`
		398	`$xh->add_attribute("class", "form-group");`
		399	`$xh->tag('div');`
		400	`$xh->add_attribute("for", "wlFormat");`
		401	`$xh->tag('label', "Format:");`
		402	`$xh->add_attribute("class", "form-control");`
		403	`$xh->add_attribute("id", "wlFormat");`
		404	`$xh->tag('select');`
		405	`$xh->tag('option', "Any");`
		406	`$xh->tag('option', "CD");`
		407	`$xh->tag('option', "Record");`
		408	`$xh->tag('option', "Digital");`
		409	`$xh->tag('option', "Book");`
		410	`$xh->close(); // select`
		411	`$xh->close(); // div`
		412	`$xh->add_attribute("class", "form-group");`
		413	`$xh->tag('div');`
		414	`$xh->add_attribute("for", "wlPrice");`
		415	`$xh->tag('label', "Ceiling Price:");`
		416	`$xh->add_attribute("type", "text");`
143	-	417	`$xh->add_attribute("class", "form-control clearable");`
127	-	418	`$xh->add_attribute("id", "wlPrice");`
		419	`$xh->single_tag('input');`
		420	`$xh->close(); // div`
		421	`$xh->close(); // div`
		422	`$xh->add_attribute("class", "modal-footer bg-secondary");`
		423	`$xh->tag('div');`
		424	`$xh->add_attribute("id", "saveEditedWl");`
		425	`$xh->add_attribute("type", "button");`
		426	`$xh->add_attribute("class", "btn btn-success");`
134	-	427	`$xh->add_attribute("name", "submitBtn");`
127	-	428	`$xh->add_attribute("value", "Save");`
		429	`$xh->tag('button', "Save");`
		430	`$xh->add_attribute("nonce", base64_encode($_SESSION["nonce"]));`
		431	`$xh->tag('script');`
137	-	432	`$str = my_trim('document.addEventListener("DOMContentLoaded", function() {');`
		433	`$str .= my_trim(' document.getElementById("saveEditedWl").addEventListener("click", function() {');`
		434	`$str .= my_trim(' saveEditedWishlist();');`
		435	`$str .= my_trim(' });');`
		436	`$str .= my_trim('});');`
127	-	437	`$xh->insert_code($str);`
		438	`$xh->close(); // script`
		439	`$xh->add_attribute("type", "button");`
		440	`$xh->add_attribute("class", "btn btn-danger");`
		441	`$xh->add_attribute("data-dismiss", "modal");`
		442	`$xh->tag('button', "Cancel");`
		443	`$xh->close(); // div`
		444	`$xh->close(); // div`
		445	`$xh->close(); // div`
		446	`$xh->close(); // div`
		447	`$xh->close(); // div`
65	-	448	`}`
		449	`else {`
127	-	450	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		451	`$xh->tag('div');`
		452	`$xh->add_attribute("class", "display-6");`
		453	`$xh->tag('p');`
		454	`$xh->add_attribute("class", "material-icons");`
		455	`$xh->tag('i', "bookmark");`
		456	`$xh->tag('span', " Your wishlist is currently empty. Add matching albums from the search results.");`
		457	`$xh->close(); // p`
		458	`$xh->close(); // div`
46	-	459	`}`
		460	`}`
65	-	461	`else if (mysqli_errno($conn)) {`
		462	`error_log("MySQL Read Wishlist SQL: " . $sql);`
		463	`error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		464	`}`
46	-	465
127	-	466	`$html = $xh->flush();`
		467	`//error_log(print_r($html, 1));`
		468
		469	`return $html;`
52	-	470	`}`
		471
		472	`function deleteWishlist($uid, $id) {`
		473	`$conn = MySessionHandler::getDBSessionId();`
		474
		475	`$id = mysqli_real_escape_string($conn, $id);`
		476	`$uid = mysqli_real_escape_string($conn, $uid);`
		477
		478	`$sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";`
		479
		480	`if (!($result = mysqli_query($conn, $sql))) {`
65	-	481	`error_log("MySQL Delete Wishlist SQL: " . $sql);`
		482	`error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		483	`return -1;`
52	-	484	`}`
		485
		486	`return 0;`
		487	`}`
		488
		489	`function updateWishlist($uid, $wlArr) {`
		490	`$conn = MySessionHandler::getDBSessionId();`
		491
		492	`$modified = mysqli_real_escape_string($conn, time());`
		493
154	-	494	`$id = (empty($wlArr['id']) ? null : mysqli_real_escape_string($conn, $wlArr['id']));`
52	-	495	`$uid = mysqli_real_escape_string($conn, $uid);`
154	-	496	`$barcode = (empty($wlArr['barcode']) ? null : mysqli_real_escape_string($conn, $wlArr['barcode']));`
		497	`$title = isset($wlArr['title']) ? mysqli_real_escape_string($conn, $wlArr['title']) : null;`
		498	`$artist = isset($wlArr['artist']) ? mysqli_real_escape_string($conn, $wlArr['artist']) : null;`
73	-	499	`$cond = isset($wlArr['cond']) ? mysqli_real_escape_string($conn, $wlArr['cond']) : "Any";`
52	-	500	`$format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";`
		501	`$currency = 'USD'; //bugbug`
154	-	502	`$price = isset($wlArr['price']) ? mysqli_real_escape_string($conn, $wlArr['price']) : null;`
		503	`$ip = inet_pton($_SERVER['REMOTE_ADDR']);`
52	-	504
		505	`$sql = "UPDATE wishlist`
154	-	506	`SET modified=?, barcode=?, title=?, artist=?, cond=?, format=?, price=?, ip=?`
		507	`WHERE id=? and uid=?";`
		508	`$stmt = mysqli_prepare($conn, $sql);`
		509	`mysqli_stmt_bind_param($stmt, 'dsssssdsdd', $modified, $barcode, $title, $artist, $cond, $format, $price, $ip, $id, $uid);`
52	-	510
154	-	511	`if ($result = mysqli_stmt_execute($stmt)) {`
52	-	512	`return 0;`
65	-	513	`}`
		514	`else {`
52	-	515	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		516	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		517	`return -1;`
		518	`}`
		519
154	-	520	`mysqli_stmt_close($stmt);`
		521
52	-	522	`return -1;`
		523	`}`
73	-	524
		525	`function unsubscribeWishlist($arr) {`
116	-	526	`if (empty($arr['id']) \|\| empty($arr['email'])) {`
		527	`return "";`
		528	`}`
73	-	529	`$conn = MySessionHandler::getDBSessionId();`
		530
		531	`$modified = mysqli_real_escape_string($conn, time());`
		532
		533	`$id = mysqli_real_escape_string($conn, $arr['id']);`
		534	`$email = mysqli_real_escape_string($conn, $arr['email']);`
		535
		536	`$sql = "UPDATE users`
		537	`SET wlEmailFlag = '0'`
		538	`WHERE id=$id and email='$email'";`
		539
		540	`if (!($result = mysqli_query($conn, $sql))) {`
		541	`error_log("MySQL Update Wishlist SQL: " . $sql);`
		542	`error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");`
		543	`}`
		544
127	-	545	`$xh = new Html;`
		546	`$xh->init($_SESSION["htmlIndent"]);`
73	-	547
127	-	548	`$xh->add_attribute("class", "container text-center bg-warning p-3 rounded");`
		549	`$xh->tag('div');`
		550	`$xh->add_attribute("class", "display-6 font-weight-bold");`
		551	`$xh->tag('p', "The wishlist price check emails for " . $email . " have been turned off.");`
		552	`$xh->tag('p', "You can reinstate the emails at any time by setting the option 'Email Price Checks' for your account back to 'Yes'.");`
		553	`$xh->close(); // div>";`
		554
		555	`$html = $xh->flush();`
		556	`//error_log(print_r($html, 1));`
		557
		558	`return $html;`
73	-	559	`}`
78	-	560
		561	`function checkPriceMonitor() {`
		562	`if (empty($_SESSION['sessData']['userID'])) {`
		563	`unset($_SESSION['priceMonitor']);`
		564	`return -1;`
		565	`}`
		566
		567	`$conn = MySessionHandler::getDBSessionId();`
		568
		569	`$uid = $_SESSION['sessData']['userID'];`
		570
		571	`$sql = "SELECT created, access`
		572	`FROM pricemonitor`
		573	`WHERE userId = '$uid'";`
		574
		575	`if ($result = mysqli_query($conn, $sql)) {`
		576	`if (mysqli_num_rows($result) > 0) {`
		577	`if ($row = mysqli_fetch_assoc($result)) {`
		578	`$_SESSION['priceMonitor']['created'] = $row['created'];`
		579	`$_SESSION['priceMonitor']['access'] = $row['access'];`
110	-	580	`if ($_SESSION['priceMonitor']['created'] > $_SESSION['priceMonitor']['access']) {`
79	-	581	`$_SESSION['priceMonitor']['newFlag'] = true;`
		582	`} else {`
		583	`$_SESSION['priceMonitor']['newFlag'] = false;`
		584	`}`
78	-	585
		586	`return 0;`
		587	`}`
		588	`}`
		589	`}`
		590	`else if (mysqli_errno($conn)) {`
		591	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		592	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		593	`}`
		594
		595	`return -1;`
		596	`}`
		597
		598
		599	`function getPriceMonitor() {`
127	-	600	`$xh = new Html;`
		601	`$xh->init($_SESSION["htmlIndent"]);`
		602
107	-	603	`if (!isLoggedIn()) {`
127	-	604	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		605	`$xh->tag('div');`
		606	`$xh->add_attribute("class", "display-6");`
		607	`$xh->tag('p');`
		608	`$xh->add_attribute("class", "material-icons");`
		609	`$xh->tag('i', "error_outline");`
		610	`$xh->tag('span', " Please login to your Find Cheap Music account in order to see the price monitor results.");`
		611	`$xh->close(); // p`
		612	`$xh->close(); // div`
		613
		614	`$html = $xh->flush();`
		615	`//error_log(print_r($html, 1));`
		616
		617	`return $html;`
107	-	618	`}`
		619
78	-	620	`$conn = MySessionHandler::getDBSessionId();`
		621
		622	`$uid = $_SESSION['sessData']['userID'];`
		623
		624	`$sql = "SELECT data`
		625	`FROM pricemonitor`
		626	`WHERE userId = '$uid'";`
		627
		628	`if ($result = mysqli_query($conn, $sql)) {`
		629	`if (mysqli_num_rows($result) > 0) {`
		630	`if ($row = mysqli_fetch_assoc($result)) {`
		631	`$access = mysqli_real_escape_string($conn, time());`
		632	`$sql = "UPDATE pricemonitor`
		633	`SET access = $access`
154	-	634	`WHERE userId = '$uid'";`
78	-	635	`if (!($result = mysqli_query($conn, $sql))) {`
		636	`error_log("MySQL Update Price Monitor SQL: " . $sql);`
		637	`error_log("MySQL Update Price Monitor Error: " . mysqli_error($conn) . " (" . $error . ")");`
		638	`}`
154	-	639
121	-	640	`$html = gzdecode(base64_decode($row['data']));`
		641	`$html = str_replace(base64_encode("xxxNONCExxx"), base64_encode($_SESSION["nonce"]), $html);`
		642	`return ($html);`
78	-	643	`}`
		644	`}`
		645	`}`
		646	`else if (mysqli_errno($conn)) {`
		647	`error_log("MySQL Read Price Monitor SQL: " . $sql);`
		648	`error_log("MySQL Read Price Monitor Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");`
		649	`}`
		650
127	-	651	`$xh->add_attribute("class", "container bg-warning text-center py-3");`
		652	`$xh->tag('div');`
		653	`$xh->add_attribute("class", "display-6");`
		654	`$xh->tag('p');`
		655	`$xh->add_attribute("class", "material-icons");`
		656	`$xh->tag('i', "bookmark");`
		657	`$xh->tag('span', " Your price monitor list is currently empty.");`
		658	`$xh->close(); // p`
		659	`$xh->close(); // div`
		660
		661	`$html = $xh->flush();`
		662	`//error_log(print_r($html, 1));`
		663
		664	`return $html;`
78	-	665	`}`

Subversion Repositories cheapmusic

(root)/www/php/wishlist.php – Rev 154