Subversion Repositories cheapmusic

Rev

Rev 138 | Rev 147 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed 

<?php
include_once ('php/hosting.php');
include_once ('php/constants.php');
include_once ('php/sessions_db.php');
include_once ('php/cryptor.php');
include_once ('php/tools.php');
include_once ('php/clsLibGTIN.php');
include_once ("php/NonceUtil.php");

error_reporting(E_ALL);

$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$systemConf = $configFile['system'];
unset($configFile);

session_set_cookie_params(604800, '/', '.findcheapmusic.com', true, true);
session_set_save_handler($handler, true);
if (!empty($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}
session_start();

initSessionVariables($systemConf);

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    if (!getPGV("nonce") || NonceUtil::check($systemConf["nonce_secret"], getPGV("nonce")) === false) {
        exit;
    }

    $barcode = getPGV("barcode");


    if ($_POST["submitBtn"] == "check") {
        if (empty($barcode) || !is_numeric($barcode) || strlen($barcode) > 14 || strlen($barcode) < 8) {
            myExit("Invalid Barcode", null, true);
        }

        $type = clsLibGTIN::GTINCheck($barcode, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode);
        if (!$type) {
            myExit("Barcode does not have a valid check digit", null, true);
        } else {
            myExit("Valid barcode<br>" . $type . " " . $value, $value);
        }
    } else if ($_POST["submitBtn"] == "calc") {
        if (empty($barcode) || strlen($barcode) > 14 || strlen($barcode) < 8) {
            myExit("Invalid Barcode", null, true);
        }

        $type = clsLibGTIN::GTINCheck($barcode, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode);
        if ($type) {
            myExit("Barcode already has a valid check digit" . "<br>" . $type . " " . $value, $value);
        } else if (strlen($barcode) > 13) {
            myExit("Invalid Barcode", null, true);
        }
        $res = $checkDigit = clsLibGTIN::GTINCalcCheckDigit($barcode);
        $type = clsLibGTIN::GTINCheck($barcode . $checkDigit, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode . $checkDigit);
        if (!$res || !$type) {
            myExit("Invalid Barcode", null, true);
        }
        $type = clsLibGTIN::GTINCheck($barcode . $checkDigit, false, 1);
        $value = clsLibGTIN::GTINCheck($barcode . $checkDigit);
        myExit("Check Digit is " . $checkDigit . "<br>" . $type . " " . $value, $value);
    }
}

MySessionHandler::commit(session_id());
exit;

function myExit($msg, $value, $isError = false) {
    $xh = new HTML;
    $xh->init($_SESSION["htmlIndent"]);
    $xh->add_attribute("class", ($isError ? "alert alert-danger" : "text-success"));
    $xh->tag('span', $msg);

    $html = $xh->flush();
//    error_log(print_r($html, 1));
    echo $html;

    if (!$isError && !empty($value)) {
        $xh->add_attribute("class", "mt-3");
        $xh->tag('div');
            $xh->add_attribute("id", "barcodeSearchForm");
            $xh->add_attribute("method", "post");
            $xh->add_attribute("action", "/index.php");
            $xh->tag('form');
                $xh->insert_code(inputSessionTab());
                $xh->add_attribute("id", "barcodeSearchTerm");
                $xh->add_attribute("type", "hidden");
                $xh->add_attribute("name", "searchTerm");
                $xh->add_attribute("value", $value);
                $xh->single_tag('input');
                $xh->add_attribute("id", "barcodeSearchBtn");
                $xh->add_attribute("type", "submit");
                $xh->add_attribute("class", "btn btn-success");
                $xh->add_attribute("name", "submitBtn");
                $xh->add_attribute("value", "Search");
                $xh->tag('button');
                    $xh->add_attribute("class", "material-icons material-text");
                    $xh->tag('i', "search");
                   $xh->tag('span', " Search $value");
                $xh->close(); //span
            $xh->close(); // form
        $xh->close(); // div

        $html = $xh->flush();
//        error_log(print_r($html, 1));
        echo $html;

        saveBarcodeSearch($value);
    }
    MySessionHandler::commit(session_id());
    exit;
}

function saveBarcodeSearch($value) {
    $_sess_db = MySessionHandler::getDBSessionId();

    $access = mysqli_real_escape_string($_sess_db, time());
    $barcode = mysqli_real_escape_string($_sess_db, $value);
    $userId = (empty($_SESSION['sessData']['userID']) ? 'NULL' : $_SESSION['sessData']['userID']);
    $ip = inet_pton($_SERVER['REMOTE_ADDR']);

    $sql = "INSERT
            INTO barcodeChecks
            (sessId, access, ip, barcode, userId)
            VALUES  ('" . session_id() . "', '$access', '$ip', '$barcode', $userId)";

    if (!mysqli_query($_sess_db, $sql)) {
        error_log("Error: " . $sql . " | " . mysqli_error($_sess_db));
    }

}