Subversion Repositories cheapmusic

Rev

Rev 61 | Rev 68 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
45 - 1 
<?php
65 - 2 
include_once ('php/clsLibGTIN.php');
3 
include_once ('php/constants.php');
45 - 4 
 
5 
error_reporting(E_ALL);
6 
 
65 - 7 
// add new entry to wishlist
52 - 8 
function addWishlist($uid, $wlArr) {
50 - 9 
    $nul = 'NULL';
45 - 10 
    $conn = MySessionHandler::getDBSessionId();
11 
 
12 
    $created = mysqli_real_escape_string($conn, time());
13 
    $modified = $created;
14 
 
52 - 15 
    $uid = mysqli_real_escape_string($conn, $uid);
16 
    $mid = isset($wlArr->{'mid'}) ? mysqli_real_escape_string($conn, $wlArr->{'mid'}) : "";
17 
    $rid = isset($wlArr->{'rid'}) ? mysqli_real_escape_string($conn, $wlArr->{'rid'}) : "";
50 - 18 
    $barcode = (empty($wlArr->{'barcode'}) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr->{'barcode'}) . "'");
19 
    $title = isset($wlArr->{'title'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'title'}) . "'" : "NULL";
20 
    $artist = isset($wlArr->{'artist'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'artist'}) . "'" : "NULL";
45 - 21 
    $format = 'Any';
46 - 22 
    $currency = 'USD'; //bugbug
45 - 23 
    $price = 'NULL';
50 - 24 
    $url = isset($wlArr->{'url'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'url'}) . "'" : "NULL";
25 
    $thumbnail = isset($wlArr->{'thumbnail'}) ? "'" . mysqli_real_escape_string($conn, $wlArr->{'thumbnail'}) . "'" : "NULL";
45 - 26 
 
27 
    $sql = "INSERT
28 
            INTO wishlist
50 - 29 
            (id, created, modified, uid, mid, rid, barcode, title, artist, format, currency, price, url, thumbnail)
52 - 30 
            VALUES (NULL, '$created', '$modified', '$uid', '$mid', '$rid', " . $barcode . ", " . $title . ", " . $artist . ", '$format', '$currency', '$price', " . $url . ", " . $thumbnail . ")";
45 - 31 
 
32 
    if ($result = mysqli_query($conn, $sql)) {
52 - 33 
        return 0;
65 - 34 
    }
35 
    else {
45 - 36 
        $error = mysqli_errno($conn);
37 
        if ($error == 1062) {
52 - 38 
            return 1;
65 - 39 
        }
40 
        else {
45 - 41 
            error_log("MySQL Read Wishlist SQL: " . $sql);
52 - 42 
            error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");
43 
            return -1;
45 - 44 
        }
45 
    }
46 
 
52 - 47 
    return -1;
45 - 48 
}
49 
 
46 - 50 
function checkWishlist($type, $id) {
45 - 51 
    $conn = MySessionHandler::getDBSessionId();
52 
 
52 - 53 
    $uid = mysqli_real_escape_string($conn, $_SESSION['sessData']['userID']);
45 - 54 
 
55 
    $sql = "SELECT id
56 
            FROM wishlist
46 - 57 
            WHERE uid = '$uid' and " . ($type == "master" ? "mid" : "rid") . " = '$id'";
45 - 58 
 
59 
    if ($result = mysqli_query($conn, $sql)) {
60 
        if (mysqli_num_rows($result) > 0) {
61 
            return true;
62 
        }
63 
    }
65 - 64 
    else if (mysqli_errno($conn)) {
65 
        error_log("MySQL Check Wishlist SQL: " . $sql);
66 
        error_log("MySQL Check Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
67 
        return true;
68 
    }
45 - 69 
 
70 
    return false;
46 - 71 
}
72 
 
73 
function getWishlist() {
74 
    $str = '';
75 
    $conn = MySessionHandler::getDBSessionId();
76 
 
77 
    $uid = $_SESSION['sessData']['userID'];
78 
 
79 
    $sql = "SELECT *
80 
            FROM wishlist
81 
            WHERE uid = '$uid'";
82 
 
83 
    if ($result = mysqli_query($conn, $sql)) {
84 
        if (mysqli_num_rows($result) > 0) {
58 - 85 
            $str .= "<div class=\"container\">";
52 - 86 
            $str .= "<div class=\"input-group mt-3\">";
87 
            $str .= "<div class=\"input-group-prepend\">";
88 
            $str .= "<span class=\"input-group-text\"><i class=\"fas fa-search\"></i></span>";
89 
            $str .= "</div>";
90 
            $str .= "<input type=\"text\" class=\"form-control\" id=\"tableFilter\" onkeyup=\"filterWishlist();\" placeholder=\"Search for names..\">";
91 
            $str .= "<div class=\"input-group-append\" id=\"tableFilterButton\">";
92 
            $str .= "<button type=\"button\" class=\"btn rounded\" onclick=\"document.getElementById('tableFilter').value='';filterWishlist();\"><i class=\"fas fa-window-close\"></i></button>";
93 
            $str .= "</div>";
94 
            $str .= "</div>";
95 
 
61 - 96 
            $str .= "<form method=\"post\" action=\"/index.php\">";
97 
            $str .= "<input type=\"hidden\" name=\"sessionTab\" value=\"" . MySessionHandler::getSessionTab() . "\">";
98 
            $str .= "<input id=\"discogsTitle\" type=\"hidden\" name=\"discogsTitle\" value=\"\">";
99 
            $str .= "<input id=\"discogsArtist\" type=\"hidden\" name=\"discogsArtist\" value=\"\">";
100 
            $str .= "<input id=\"discogsBarcode\" type=\"hidden\" name=\"discogsBarcode\" value=\"\">";
58 - 101 
            $str .= "<div class=\"table-responsive\">";
65 - 102 
            $str .= "<table id=\"wishlistTable\" class=\"table table-striped table-condensed small\">";
103 
            $str .= "<thead class=\"thead-dark sticky-top\">";
104 
            $str .= "<tr><th></th>";
105 
            $str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 1, 'text')\"><span class=\"nowrap\">Artist <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";
106 
            $str .= "<th class=\"text-left cursor-pointer\" onclick=\"sortTable('wishlistTable', 2, 'text')\"><span class=\"text-nowrap\">Title <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";
107 
            $str .= "<th class=\"d-none\"></th>";
108 
            $str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 4, 'text')\"><span class=\"text-nowrap\">Barcode <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";
109 
            $str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 5, 'text')\"><span class=\"text-nowrap\">Format <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";
110 
            $str .= "<th class=\"d-none\">Ceiling Price Number</th>";
111 
            $str .= "<th class=\"cursor-pointer\" onclick=\"sortTable('wishlistTable', 6, 'currency')\"><span class=\"text-nowrap\">Price <i class=\"fas fa-caret-up\"></i><i class=\"fas fa-caret-down\"></i></span></th>";
112 
            $str .= "<th></th><th class=\"d-none\"></th></tr></thead>";
113 
            $str .= "<tbody>";
46 - 114 
 
65 - 115 
            while ($row = mysqli_fetch_assoc($result)) {
52 - 116 
                $artist = (empty($row["artist"]) ? "Various" : sanitizeInput2($row["artist"]));
117 
                $altText = "Image for " . sanitizeInput2($row['title']) . " by " . $artist;
46 - 118 
                $price = print_monetary($row['price'], $row['currency']);
52 - 119 
                $searchTitle = 'Searching for:<br><br><strong>' . sanitizeInput2($row['title']) . " by " . $artist;
50 - 120 
                if ($row['barcode'] !== null) {
121 
                    $searchTitle .= " (" . displayBarcode($row['barcode']) . ")";
122 
                }
52 - 123 
                $searchTitle .= "</strong>";
47 - 124 
 
46 - 125 
                $str .= "<tr>";
65 - 126 
                $str .= "<td><img class=\"img-fluid wishlist-img\" src=\"" . $row["thumbnail"] . "\" alt=\"" . $altText . "\"></td>";
127 
                $str .= "<td>$artist</td>";
128 
                $str .= "<td>" . $row['title'] . "</td>";
129 
                $str .= "<td class=\"d-none\">" . $row['barcode'] . "</td>";
130 
                $str .= "<td>" . displayBarcode($row['barcode']) . "</td>";
131 
                $str .= "<td>" . $row['format'] . "</td>";
132 
                $str .= "<td class=\"d-none\">" . $row['price'] . "</td>";
133 
                $str .= "<td>" . $price . "</td>";
134 
                $str .= "<td><span class=\"text-nowrap\"><button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"editWishlist('" . $row["id"] . "',this); return true;\" data-toggle=\"tooltip\" title=\"Edit\"><i class=\"fas fa-edit\"></i></button>";
135 
                $str .= "<button class=\"btn rounded btn-wishlist\" type=\"button\" onclick=\"deleteWishlist('" . $row["id"] . "',this,'" . sanitizeInput2($row['title']) . "','" . $artist . "'); return true;\" data-toggle=\"tooltip\" title=\"Delete\"><i class=\"fas fa-window-close btn-wishlist-delete\"></i></button>";
136 
                $str .= "<a class=\"btn rounded btn-wishlist\" role=\"button\" data-toggle=\"tooltip\" title=\"Information\" href=\"" . $row['url'] . "\" target=\"_blank\"><i class=\"fas fa-info-circle\"></i></a>";
61 - 137 
                $str .= "<button type=\"submit\" name=\"submit\" value=\"discogsSearch\" class=\"btn rounded btn-wishlist\" onclick=\"document.getElementById('discogsTitle').value = '" . sanitizeInput2($row['title']) . "';document.getElementById('discogsArtist').value = '" . sanitizeInput2($row['artist']) . "';document.getElementById('discogsBarcode').value = '" . sanitizeInput2($row['barcode']) . "';progressBar('" . sanitizeInput2($searchTitle) . "');\"><i class=\"fas fa-search\" title=\"Search for Sales Offers\" data-toggle=\"tooltip\"></i></button></span></td>";
65 - 138 
                $str .= "<td class=\"d-none\" id=\"wlIdRow" . $row['id'] . "\"></td>";
52 - 139 
 
65 - 140 
                $str .= "</tr>";
46 - 141 
            }
52 - 142 
 
46 - 143 
            $str .= "</tbody>";
144 
            $str .= "</table>";
58 - 145 
            $str .= "</div>";
61 - 146 
            $str .= "</form>";
52 - 147 
 
65 - 148 
            $str .= '<div class="modal fade" id="editWishlistModal">';
149 
            $str .= '    <div class="modal-dialog">';
150 
            $str .= '        <div class="modal-content">';
151 
            $str .= '            <div class="modal-header bg-primary">';
152 
            $str .= '                <h4 class="modal-title">Edit Wishlist Entry</h4>';
153 
            $str .= '            </div>';
154 
            $str .= '            <span class="mt-0" id="wlMsg"></span>';
52 - 155 
            $str .= '            <input type="hidden" name="sessionTab" value="' . MySessionHandler::getSessionTab() . '">';
156 
            $str .= '            <input type="hidden" name="wlId" id="wlId">';
65 - 157 
            $str .= '            <div class="modal-body">';
158 
            $str .= '                <div class="form-group">';
159 
            $str .= '                    <label for="wlArtist">Artist:</label>';
160 
            $str .= '                    <input type="text" class="form-control" id="wlArtist">';
161 
            $str .= '                </div>';
162 
            $str .= '                <div class="form-group">';
163 
            $str .= '                    <label for="wlTitle">Title:</label>';
164 
            $str .= '                    <input type="text" class="form-control" id="wlTitle">';
165 
            $str .= '                </div>';
166 
            $str .= '                <div class="form-group">';
167 
            $str .= '                    <label for="wlBarcode">Barcode:</label>';
168 
            $str .= '                    <input type="text" class="form-control" id="wlBarcode">';
169 
            $str .= '                </div>';
170 
            $str .= '                <div class="form-group">';
171 
            $str .= '                    <label for="wlFormat">Format:</label>';
172 
            $str .= '                    <select class="form-control" id="wlFormat">';
173 
            $str .= '                    <option>Any</option>';
174 
            $str .= '                    <option>CD</option>';
175 
            $str .= '                    <option>Record</option>';
176 
            $str .= '                    <option>Digital</option>';
177 
            $str .= '                    <option>Book</option>';
178 
            $str .= '                    </select>';
179 
            $str .= '                </div>';
180 
            $str .= '                <div class="form-group">';
181 
            $str .= '                    <label for="wlPrice">Ceiling Price:</label>';
182 
            $str .= '                    <input type="text" class="form-control" id="wlPrice">';
183 
            $str .= '                </div>';
184 
            $str .= '            </div>';
185 
            $str .= '            <div class="modal-footer bg-primary">';
186 
            $str .= '                <button type="button" class="btn btn-success" name="submit" value="Save" onclick="saveEditedWishlist(); return true;">Save</button>';
187 
            $str .= '                <button type="button" class="btn btn-danger" data-dismiss="modal">Cancel</button>';
188 
            $str .= '            </div>';
189 
            $str .= '        </div>';
190 
            $str .= '    </div>';
191 
            $str .= '</div>';
192 
            $str .= '</div>';
193 
        }
194 
        else {
58 - 195 
            $str .= "<div class=\"container bg-warning text-center py-3\"><h3><i class=\"fas fa-bookmark\"></i> Your wishlist is currently empty. Add matching albums from the search results.</h3></div>";
46 - 196 
        }
197 
    }
65 - 198 
    else if (mysqli_errno($conn)) {
199 
        error_log("MySQL Read Wishlist SQL: " . $sql);
200 
        error_log("MySQL Read Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
201 
    }
46 - 202 
 
203 
    return $str;
52 - 204 
}
205 
 
206 
function deleteWishlist($uid, $id) {
207 
    $conn = MySessionHandler::getDBSessionId();
208 
 
209 
    $id = mysqli_real_escape_string($conn, $id);
210 
    $uid = mysqli_real_escape_string($conn, $uid);
211 
 
212 
    $sql = "DELETE FROM wishlist WHERE id = $id AND uid = $uid;";
213 
 
214 
    if (!($result = mysqli_query($conn, $sql))) {
65 - 215 
        error_log("MySQL Delete Wishlist SQL: " . $sql);
216 
        error_log("MySQL Delete Wishlist Error: " . mysqli_error($conn) . " (" . mysqli_errno($conn) . ")");
217 
        return -1;
52 - 218 
    }
219 
 
220 
    return 0;
221 
}
222 
 
223 
function updateWishlist($uid, $wlArr) {
224 
    $nul = 'NULL';
225 
    $conn = MySessionHandler::getDBSessionId();
226 
 
227 
    $modified = mysqli_real_escape_string($conn, time());
228 
 
229 
    $id = (empty($wlArr['id']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['id']) . "'");
230 
    $uid = mysqli_real_escape_string($conn, $uid);
231 
    $barcode = (empty($wlArr['barcode']) ? "NULL" : "'" . mysqli_real_escape_string($conn, $wlArr['barcode']) . "'");
232 
    $title = isset($wlArr['title']) ? "'" . mysqli_real_escape_string($conn, $wlArr['title']) . "'" : "NULL";
233 
    $artist = isset($wlArr['artist']) ? "'" . mysqli_real_escape_string($conn, $wlArr['artist']) . "'" : "NULL";
234 
    $format = isset($wlArr['format']) ? mysqli_real_escape_string($conn, $wlArr['format']) : "Any";
235 
    $currency = 'USD'; //bugbug
236 
    $price = isset($wlArr['price']) ? "'" . mysqli_real_escape_string($conn, $wlArr['price']) . "'" : "NULL";
237 
 
238 
    $sql = "UPDATE wishlist
239 
            SET modified='$modified', barcode=" . $barcode . ", title=" . $title . ", artist=" . $artist . ", format='$format', price=" . $price . "
240 
            WHERE id=$id and uid=$uid";
241 
 
242 
    if ($result = mysqli_query($conn, $sql)) {
243 
        return 0;
65 - 244 
    }
245 
    else {
52 - 246 
        error_log("MySQL Update Wishlist SQL: " . $sql);
247 
        error_log("MySQL Update Wishlist Error: " . mysqli_error($conn) . " (" . $error . ")");
248 
        return -1;
249 
    }
250 
 
251 
    return -1;
252 
}