Subversion Repositories cheapmusic

Rev

Rev 1 | Blame | Last modification | View Log | RSS feed 

<?php
if ($_SERVER["SERVER_NAME"] == "www.findcheapmusic.com") {
  header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
  header("X-Content-Type-Options: nosniff");
  header("X-XSS-Protection: 1; mode=block");
  header("Access-Control-Allow-Origin: *");
  header("Referrer-Policy: no-referrer");
  header("X-Frame-Options: SAMEORIGIN");
  header("Set-Cookie: ^(.*)$ $1;HttpOnly;Secure");
  header("Content-Security-Policy: default-src 'none'; form-action 'self'; img-src 'self' data: https://thumbs1.ebaystatic.com https://thumbs2.ebaystatic.com https://thumbs3.ebaystatic.com https://thumbs4.ebaystatic.com; script-src 'self' 'unsafe-inline' https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/;frame-ancestors 'self'");
}

ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);
session_start();
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <title>Find Cheap Music...</title>
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js" integrity="sha384-JUMjoW8OzDJw4oFpWIB2Bu/c6768ObEthBMVSiIx4ruBIEdyNSUQAjJNFqT5pnJ6" crossorigin="anonymous"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
    <link rel="stylesheet" href="css/style.css" integrity="sha384-khCExHaxRuG3tuk6qjjM4ZLqC5yP1Tn/TbpDK8SVBBjb1DEwrMX9VVH5a3SEeC3W" crossorigin="anonymous">
    <!-- Global site tag (gtag.js) - Google Analytics -->
    <!--script async src="https://www.googletagmanager.com/gtag/js?id=UA-138428761-2"></script-->
    <!--script src="/js/gtag.js" integrity="sha384-ZoAmOe9K3AXr6ONEK6njtE/HMsMvyjck9EfsgXdZLG7rEiz5GqXEk3RQc2cFIRNY" crossorigin="anonymous"></script-->
</head>
<body>

<?php
include_once('php/clsLibGTIN.php');
include_once('php/tools.php');

$searchKeywords = file_get_contents('snippets/searchKeywordTooltip.html');
$filterWarnings = '';

initSV("buyerCountry", "United States");
initSV("buyerCurrency", "USD");
initSV("filterConditionNew", true);
initSV("filterConditionUsed", true);
initSV("filterMediaTypeCD", true);
initSV("filterMediaTypeRecord", false);
initSV("filterMediaTypeDigital", false);

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    ////echo "<pre>"; print_r($_POST); print_r($_SESSION); echo "</pre>";
    if ($_POST["submit"] == "Search") {
      $zip = test_input($_POST['buyerZip']);
      if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/",$zip)) {
        $_SESSION["buyerZip"] = $zip;
      } else if (strlen($zip) == 0) {
        unset($_SESSION["buyerZip"]);
      }  

      if (empty($_POST["upc"])) {
        // ???
      } else {
        $_SESSION["searchTerm"] = test_input($_POST["upc"]);

        $barcodeType = clsLibGTIN::GTINCheck($_SESSION["searchTerm"], false, 1);
        $barcodeValue = clsLibGTIN::GTINCheck($_SESSION["searchTerm"]);
    
        $arr = [];
        $arr = searchAll($_SESSION["searchTerm"]);
    
        // $arr2 = filterTable($arr);    
        $_SESSION["lowUsed"] = findLowest($arr, "Used");
        $_SESSION["lowNew"] = findLowest($arr, "New");
        $_SESSION["lowDigital"] = findLowest($arr, "Digital");
        $_SESSION["itemTable"] = buildTable($arr);
      }
    } else if ($_POST["submit"] == "Save") {
      $_SESSION["filterConditionNew"] = checkPV("filterConditionNew");
      $_SESSION["filterConditionUsed"] = checkPV("filterConditionUsed");
      $_SESSION["filterMediaTypeCD"] = checkPV("filterMediaTypeCD");
      $_SESSION["filterMediaTypeRecord"] = checkPV("filterMediaTypeRecord");
      $_SESSION["filterMediaTypeDigital"] = checkPV("filterMediaTypeDigital");
      
      $filterError = false;
      if (!$_SESSION["filterConditionNew"] && !$_SESSION["filterConditionUsed"]) {
        $filterWarnings .= '<div class="alert alert-danger">Please select at least one Condition (New or Used)</div>';
        $filterError = true;
      }
      
      if (!$_SESSION["filterMediaTypeCD"] && !$_SESSION["filterMediaTypeRecord"] && !$_SESSION["filterMediaTypeDigital"]) {
        $filterWarnings .= '<div class="alert alert-danger">Please select at least one Media Type (CD, Record or Digital)</div>';        
        $filterError = true;
      }

      if (!$filterError) {
// BUGBUG avoid re-search
$arr = [];
$arr = searchAll($_SESSION["searchTerm"]);
$_SESSION["lowUsed"] = findLowest($arr, "Used");
$_SESSION["lowNew"] = findLowest($arr, "New");
$_SESSION["lowDigital"] = findLowest($arr, "Digital");
$_SESSION["itemTable"] = buildTable($arr);

        // $arr2 = filterTable($arr);    
        // $_SESSION["lowUsed"] = findLowest($arr2, "Used");
        // $_SESSION["lowNew"] = findLowest($arr2, "New");
        // $_SESSION["lowDigital"] = findLowest($arr2, "Digital");
        // $_SESSION["itemTable"] = buildTable($arr2);
      }
    }
}
?>

    <nav class="navbar navbar-expand-sm bg-dark navbar-dark">
        <a class="navbar-brand" href="#">Home</a>
        <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">
            <span class="navbar-toggler-icon"></span>
        </button>
        <div class="collapse navbar-collapse" id="collapsibleNavbar">
            <ul class="navbar-nav">
                <li class="nav-item">
                    <a class="nav-link" href="terms.html">Terms of Service</a>
                </li>
                <li class="nav-item">
                    <a class="nav-link" href="privacy.html">Privacy Policy</a>
                </li>
            </ul>
        </div>
    </nav>

    <div class="page-header bg-secondary">
        <div class="container text-center">
            <h1>Find Cheap Music...</h1>
            <p class="hide-small">Find the cheapest music online. Advertisement free website.</p>
        </div>
    </div>

        <div class="container-fluid">
        <?php echo $filterWarnings; ?>
        <form method="post" action="/index.php"
            onsubmit="document.getElementById('search').innerHTML = '&lt;span class=\'spinner-border spinner-border-sm\'&gt;&lt;/span&gt; Searching, please wait...';">
                <div class="input-group mb-3">
                <div class="input-group-prepend">
                        <img class="input-group-text img-fluid" style="max-height:38px" title="<?php echo $searchKeywords; ?>" data-toggle="tooltip" data-html="true" data-placement="auto" data-delay="100" src="/images/info.png">
                        <a class="input-group-text" data-toggle="modal" href="#filterModal" data-keyboard="false"><img class="img-fluid" style="max-height:25px" src="/images/filter.png" alt="Search Filter"></a>
                </div>
                <input name="upc" type="text" class="form-control" placeholder="Search by Barcode, Label, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">
                <div class="input-group-append">
                    <button id="search" type="submit" class="btn btn-success" name="submit" value="Search">Go</button>
                </div>
                </div>
                <div class="input-group input-group-sm mb-3">
                <div class="input-group-prepend input-group-sm">
                                <input type="text" class="form-control border-0"  maxlength="12" size="12" placeholder="Shipping to:">
                                <input type="text" class="form-control"  maxlength="20" size="20" id="buyerCountry" name="buyerCountry" value="United States" readonly>
                        <input type="text" class="form-control" maxlength="3" size="3" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>
                    <input type="text" class="form-control" maxlength="5" size="5" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo getSV('buyerZip'); ?>">
                </div>
                    <?php
                        if (getSV('buyerZip') == '') {
                        echo '<div class="input-group-append input-group-sm">';
                                echo '  <img class="input-group-text img-fluid"  style="max-height:31px" title="Please enter your postal code to get the accurate shipping cost for items listed using a rate table" data-toggle="tooltip" data-placement="auto" data-delay="100" src="/images/warning.png">';
                        echo '</div>';                    }
                ?>
                </div>
                <div class="input-group mb-3">
                </div>
        </form>
    </div>

    <hr>

<?php

    echo printTableHeader();
    echo getSV("itemTable");
    echo printSearchFilterModal();
?>

    <footer class="container-fluid text-center">
        <p>Disclaimer: As an Associate we earn from qualifying purchases.</p>
        <p>Copyright &#169; 2019 FindCheapMusic.com. All rights reserved.</p>
    </footer>

    <script src="/js/tooltip.js" integrity="sha384-RySBj8L2blcDPtmumEPwxSRsRne8Rb6+H1mTTeCZ6/Zo3VJR1FRHn3XG1NgYqYx+" crossorigin="anonymous"></script>
    <script src="/js/disableSubmit.js" integrity="sha384-bWbxxiPngRC4S0dntyF76TZxF3MQ9rc7ebUKhHzn7UnyTpED8UmWRMpDPwceXtWV" crossorigin="anonymous"></script>
</body>
</html>