Rev 116 | Rev 120 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<?phpinclude_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");error_reporting(E_ALL);$userData = [];$userTheme = 'default';$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);$crypt = Cryptor::getInstance($configFile['cryptor']);$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab"): null);$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);$vendors = Vendors::getInstance();Vendors::setAllVendors($configFile, $vendors);$nonceSecret = $configFile['nonce']['secret'];unset($configFile);ini_set("session.cookie_httponly", 1);ini_set("session.cookie_secure", 1);session_set_save_handler($handler, true);if (!empty($_COOKIE['PHPSESSID'])) {session_id($_COOKIE['PHPSESSID']);}session_start();$_SESSION["nonce"] = NonceUtil::generate($nonceSecret);include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");// Check whether user ID is available in cookieif (!empty($_COOKIE['rememberUserId']) && !empty($_COOKIE['hash']) && empty($_SESSION['sessData']['loginType'])) {require_once 'login/includes/config.php';require_once 'login/includes/User.class.php';require_once 'login/includes/password.php';$user = new User();$conditions['where'] = array('id' => $_COOKIE['rememberUserId']);$conditions['return_type'] = 'single';$userData = $user->getRows($conditions);if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {$_SESSION['sessData']['userLoggedIn'] = true;$_SESSION['sessData']['userID'] = $_COOKIE['rememberUserId'];$userPicture = getUserImage($userData);$userTheme = $userData['theme'];$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');if (empty($_SESSION["manualFilter"])) {$_SESSION['buyer']['Zip'] = $userData['zip'];$_SESSION['buyer']['Country'] = 'United States';$_SESSION['buyer']['Currency'] = 'USD';$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];}}else {unsetSessData();}// or if the user has already logged in}else if (isLoggedIn()) {require_once 'login/includes/config.php';require_once 'login/includes/User.class.php';require_once 'login/includes/password.php';$user = new User();$conditions['where'] = array('id' => $_SESSION['sessData']['userID']);$conditions['return_type'] = 'single';$userData = $user->getRows($conditions);if (!empty($userData)) {$userPicture = getUserImage($userData);$userTheme = $userData['theme'];$_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');if (empty($_SESSION["manualFilter"])) {$_SESSION['buyer']['Zip'] = $userData['zip'];$_SESSION['buyer']['Country'] = 'United States';$_SESSION['buyer']['Currency'] = 'USD';$_SESSION["filterCondition"]["New"] = $userData['conditionNew'];$_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];$_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];$_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];$_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];$_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];}}else {unsetSessData();}// not logged in}else {unsetSessData();}checkPriceMonitor();?><!DOCTYPE html><html lang="en-US"><head><title>Find Cheap Music | CDs, Records, Digital, Books and Sheets</title><meta name="keywords" content="Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book"><?php echo metaDescription(getPGV('submit')); ?><?php include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/header.php"); ?><?php echo file_get_contents('snippets/fb_tw.txt'); ?></head><body><?phpif ($_SERVER["SERVER_NAME"] == "www.findcheapmusic.com") {echo '<noscript nonce="' . base64_encode($_SESSION["nonce"]) . '"><iframe src="https://www.googletagmanager.com/ns.html?id="GTM-PCNTXZ7" height="0" width="0" style="display:none;visibility:hidden" title="Tagmanager"></iframe></noscript>';}initSessionVariables();if ($_SERVER["REQUEST_METHOD"] == "POST") {if ($_POST["submit"] == "Search") {if (empty($_SESSION['buyer']['Zip'])) {$zip = (empty($_POST['buyerZip']) ? "" : sanitizeInput($_POST['buyerZip']));if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {if ($_SESSION["buyer"]["Zip"] != $zip) {$_SESSION["manualFilter"] = true;$_SESSION["buyer"]["Zip"] = $zip;}}else if (strlen($zip) == 0) {$_SESSION["buyer"]["Zip"] = "";}}$_SESSION["discogsTitle"] = "";$_SESSION["discogsArtist"] = "";$searchTerm = (empty($_POST['searchTerm']) ? "" : searchFriendlyString($_POST['searchTerm']));if (empty($searchTerm)) {resetSessionVars();}else {$_SESSION["searchTerm"] = $searchTerm;performSearch();}}else if ($_POST["submit"] == "Save") {$_SESSION["manualFilter"] = true;if (!isset($_POST["filterCondition"])) {$_POST["filterCondition"] = []; }if (!is_array($_POST["filterCondition"])) { $_POST["filterCondition"] = [ $_POST["filterCondition"] ];}$_SESSION["filterCondition"]["New"] = in_array("New", $_POST["filterCondition"]);$_SESSION["filterCondition"]["Used"] = in_array("Used", $_POST["filterCondition"]);if (!isset($_POST["filterMediaType"])) {$_POST["filterMediaType"] = []; }if (!is_array($_POST["filterMediaType"])) { $_POST["filterMediaType"] = [ $_POST["filterMediaType"] ];}$_SESSION["filterMediaType"]["CD"] = in_array("CD", $_POST["filterMediaType"]);$_SESSION["filterMediaType"]["Record"] = in_array("Record", $_POST["filterMediaType"]);$_SESSION["filterMediaType"]["Digital"] = in_array("Digital", $_POST["filterMediaType"]);$_SESSION["filterMediaType"]["Book"] = in_array("Book", $_POST["filterMediaType"]);$_SESSION["discogsTitle"] = "";$_SESSION["discogsArtist"] = "";$searchTerm = searchFriendlyString($_POST['searchTerm']);if (empty($searchTerm)) {resetSessionVars();}else {$_SESSION["searchTerm"] = $searchTerm;performSearch();}}else if ($_POST["submit"] == "discogsSearch") {$searchTerm = "";if (!empty($_POST['discogsBarcode'])) {$searchTerm = searchFriendlyString($_POST['discogsBarcode']);}else {if (!empty($_POST['discogsTitle'])) {$searchTerm = $_POST['discogsTitle'];}if (!empty($_POST['discogsArtist'])) {$searchTerm .= " " . $_POST['discogsArtist'];}$searchTerm = trim($searchTerm);}if (empty($searchTerm)) {resetSessionVars();}else {$_SESSION["searchTerm"] = $searchTerm;if (isset($_POST['discogsTitle'])) {$_SESSION["discogsTitle"] = searchFriendlyString($_POST['discogsTitle']);}if (isset($_POST['discogsArtist'])) {$_SESSION["discogsArtist"] = searchFriendlyString($_POST['discogsArtist']);}performSearch();}}else if ($_POST["submit"] == "unsubscribe") {// bugbug}}else if ($_SERVER["REQUEST_METHOD"] == "GET") {if (isset($_GET['z'])) {$_SESSION["buyer"]["Zip"] = "";$zip = sanitizeInput($_GET['z']);if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {$_SESSION["buyer"]["Zip"] = $zip;}}$_SESSION["searchTerm"] = "";if (isset($_GET['q'])) {$_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);performSearch();}}?><form method="post" action="/index.php"><input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>" /><input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>" /><nav class="navbar navbar-expand-sm bg-black navbar-dark fixed-top"><div class="navbar-header"><button type="submit" name="submit" value="Search" class="btn text-white" aria-label="Go to home page">Find Cheap Music</button></div><button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar" aria-label="Open Menu"><span class="navbar-toggler-icon"></span></button><div class="collapse navbar-collapse" id="collapsibleNavbar"><ul class="navbar-nav mr-auto"><li class="nav-item"><button type="submit" name="submit" value="Search" class="nav-link btn" aria-label="Go to home page"><i class="material-icons">home</i></button></li><?php if (isLoggedIn()) { ?><li class="nav-item"><button type="submit" name="submit" value="coupons" class="nav-link btn">Coupons</button></li><li class="nav-item"><button type="submit" name="submit" value="wishlist" class="nav-link btn">Wishlist<?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<scan class="badge badge-pill badge-light">New</scan>'; } ?></button></li><?php} ?><li class="nav-item d-none d-lg-block"><button type="submit" name="submit" value="terms" class="nav-link btn">Terms of Service</button></li><li class="nav-item d-none d-lg-block"><button type="submit" name="submit" value="privacy" class="nav-link btn">Privacy Policy</button></li><li class="nav-item"><a href="https://blog.findcheapmusic.com" target="_blank" rel="noreferrer noopener" class="nav-link" role="button">Blog</a></li><li class="nav-item"><button type="submit" name="submit" value="help" class="nav-link btn" aria-label="Go to Help Page"><i class="material-icons">help_outline</i></button></li></ul><ul class="navbar-nav"><?php if (!isLoggedIn()) { ?><li class="nav-item"><a href="/login/index.php" class="nav-link"><svg class="svg-24" viewBox="0 0 24 24"><path fill="currentColor" d="M10,17V14H3V10H10V7L15,12L10,17M10,2H19A2,2 0 0,1 21,4V20A2,2 0 0,1 19,22H10A2,2 0 0,1 8,20V18H10V20H19V4H10V6H8V4A2,2 0 0,1 10,2Z" /></svg> Login</a></li><?php}else { ?><li class="nav-item"><img class="img-fluid hide-extra-small hide-small user-img" src="<?php echo timeStampUrl($userPicture); ?>" alt="User Image"></li><li class="nav-item dropdown"><a class="nav-link dropdown-toggle" href="#" id="navbardrop" data-toggle="dropdown"><i class="material-icons material-text">account_box</i> Account</a><div class="dropdown-menu dropdown-menu-right"><button formaction="/login/account.php" type="submit" name="submit" value="account" class="dropdown-item btn"><svg class="svg-24" viewBox="0 0 24 24"><path fill="currentColor" d="M12,4A4,4 0 0,1 16,8A4,4 0 0,1 12,12A4,4 0 0,1 8,8A4,4 0 0,1 12,4M12,14C16.42,14 20,15.79 20,18V20H4V18C4,15.79 7.58,14 12,14Z" /></svg> Information</button><button formaction="/login/editAccount.php" type="submit" name="submit" value="editAccount" class="dropdown-item btn"><svg class="svg-24" viewBox="0 0 24 24"><path fill="currentColor" d="M21.7,13.35L20.7,14.35L18.65,12.3L19.65,11.3C19.86,11.09 20.21,11.09 20.42,11.3L21.7,12.58C21.91,12.79 21.91,13.14 21.7,13.35M12,18.94L18.06,12.88L20.11,14.93L14.06,21H12V18.94M12,14C7.58,14 4,15.79 4,18V20H10V18.11L14,14.11C13.34,14.03 12.67,14 12,14M12,4A4,4 0 0,0 8,8A4,4 0 0,0 12,12A4,4 0 0,0 16,8A4,4 0 0,0 12,4Z" /></svg> Edit Account</button><?php if (empty($_SESSION['sessData']['loginType']) || $_SESSION['sessData']['loginType'] != 'social') { ?><button formaction="/login/changePassword.php" type="submit" name="submit" value="changePassword" class="dropdown-item btn"><svg class="svg-24" viewBox="0 0 24 24"><path fill="currentColor" d="M12.63,2C18.16,2 22.64,6.5 22.64,12C22.64,17.5 18.16,22 12.63,22C9.12,22 6.05,20.18 4.26,17.43L5.84,16.18C7.25,18.47 9.76,20 12.64,20A8,8 0 0,0 20.64,12A8,8 0 0,0 12.64,4C8.56,4 5.2,7.06 4.71,11H7.47L3.73,14.73L0,11H2.69C3.19,5.95 7.45,2 12.63,2M15.59,10.24C16.09,10.25 16.5,10.65 16.5,11.16V15.77C16.5,16.27 16.09,16.69 15.58,16.69H10.05C9.54,16.69 9.13,16.27 9.13,15.77V11.16C9.13,10.65 9.54,10.25 10.04,10.24V9.23C10.04,7.7 11.29,6.46 12.81,6.46C14.34,6.46 15.59,7.7 15.59,9.23V10.24M12.81,7.86C12.06,7.86 11.44,8.47 11.44,9.23V10.24H14.19V9.23C14.19,8.47 13.57,7.86 12.81,7.86Z" /></svg> Change Password</button><?php} ?><button formaction="/login/userAccount.php?logoutSubmit=1" type="submit" name="submit" value="logout" class="dropdown-item btn"><svg class="svg-24" viewBox="0 0 24 24"><path fill="currentColor" d="M16,17V14H9V10H16V7L21,12L16,17M14,2A2,2 0 0,1 16,4V6H14V4H5V20H14V18H16V20A2,2 0 0,1 14,22H5A2,2 0 0,1 3,20V4A2,2 0 0,1 5,2H14Z" /></svg> Logout</button></div></li><?php} ?></ul></div></nav></form><div class="page-header bg-primary"><div class="container text-center py-3"><?phpif (getPGV('submit') == "terms") {echo file_get_contents('snippets/headerTerms.txt');}else if (getPGV('submit') == "privacy") {echo file_get_contents('snippets/headerPrivacy.txt');}else if (getPGV('submit') == "coupons") {echo file_get_contents('snippets/headerCoupons.txt');}else if (getPGV('submit') == "wishlist") {echo file_get_contents('snippets/headerWishlist.txt');if (!empty($_SESSION['priceMonitor'])) {?><form method="post" action="/index.php"><input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>" /><button id="priceMonitor" type="submit" class="btn btn-success rounded" name="submit" value="priceMonitor">Price Monitor Results<?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<scan class="badge badge-pill badge-dark">New</scan>'; } ?></button></form><?php}}else if (getPGV('submit') == "priceMonitor") {echo file_get_contents('snippets/headerPriceMonitor.txt');}else if (getPGV('submit') == "help") {echo file_get_contents('snippets/headerHelp.txt');}else if (getPGV('submit') == "barcode") {echo file_get_contents('snippets/headerBarcode.txt');}else if (getPGV('submit') == "unsubscribe") {echo file_get_contents('snippets/unsubscribeWishlist.txt');}else {echo '<h1>Find Cheap CDs, Records, Digital, Books and Sheets</h1>';echo '<p id="textslide" class="d-none d-sm-block">Bookmark FindCheapMusic.com</p>';}?></div></div><div class="container-fluid bg-primary py-3"><form <?php if (in_array(getPGV('submit') , array("terms","privacy","coupons","wishlist","priceMonitor","help","barcode","unsubscribe"))) {echo "hidden=\"hidden\"";} ?> id="searchForm" method="post" action="/index.php" class="form-inline"onsubmit="if (document.getElementById('searchTerm').value != '') { progressBar('Searching for:<br><br><strong>' + document.getElementById('searchTerm').value.toLowerCase().replace(/(?:(^.{1})|\ [a-z]{1})/g, function(a){return a.toUpperCase();}) + '</strong>');document.getElementById('searchBtn').innerHTML = '<span class=\'spinner-border spinner-border-sm\'></span> Searching, please wait...'; }"><input id="sessionId" type="hidden" name="sessionId" value="<?php echo session_id(); ?>" /><input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>" /><div class="hidden-default-btn"><button type="submit" name="submit" value="Search">Hidden Submit Button</button></div><div class="form-group"><div class="btn-group"><button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal" data-toggle2="tooltip" title="Search Tips" aria-label="Search Tips"><i class="material-icons">info_outline</i></button><button class="btn input-group-text mx-1 rounded py-0" type="submit" name="submit" value="barcode" data-toggle="tooltip" title="Barcode Checker" aria-label="Barcode Checker" onclick="document.getElementById('searchTerm').value='';"><svg class="svg-24" viewbox="0 0 24 24"><path fill="currentColor" d="M2,6H4V18H2V6M5,6H6V18H5V6M7,6H10V18H7V6M11,6H12V18H11V6M14,6H16V18H14V6M17,6H20V18H17V6M21,6H22V18H21V6Z" /></svg></button></div></div><div class="form-group mx-1"><input id="searchTerm" list="searchHistory" name="searchTerm" type="text" class="form-control flexdatalist searchTerm-width" placeholder="Search by Barcode, Artist, Title, ..." aria-label="Search Term Input" value="<?php echo getSV("searchTerm") ?>" /><datalist id="searchHistory"><?php echo getSearchHistory(); ?></datalist></div><div class="form-group"><button id="searchBtn" type="submit" class="btn btn-success mx-1 rounded" name="submit" value="Search">Go</button></div></form></div><?phpif (getPGV('submit') == "terms") {echo file_get_contents('snippets/terms.txt');}else if (getPGV('submit') == "privacy") {echo file_get_contents('snippets/privacy.txt');}else if (getPGV('submit') == "help") {include 'php/help.php';}else if (getPGV('submit') == "barcode") {echo '<div class="container py-4 bg-light border"><div class="my-3"><p>This tool verifies Music CD barcodes or calculates the check digit.<br>See our <a href="https://blog.findcheapmusic.com/2020/03/music-cd-barcodes-and-identifiers.html" target="_blank" rel="noopener noreferrer">blog post</a> for more information about music barcodes.</p><form id="barcodeForm"><input type="hidden" name="sessionTab" value="' . MySessionHandler::getSessionTab() . '" /><input type="hidden" name="searchTerm" value="' . getSV("searchTerm") . '" /><div class="input-group mb-3"><input id="barcode" name="barcode" type="text" class="" placeholder="Enter Barcode..." aria-label="Barcode Input" /><div class="input-group-append"><button type="submit" class="btn btn-success barcodeButton" name="submit" value="check">Verify</button><button type="submit" class="btn btn-info barcodeButton" name="submit" value="calc">Calculate</button></div></div></form><div id="barcodeResult"></div></div></div>';}else if (getPGV('submit') == "coupons") {//get_linkshareCoupons(); // bugbugecho getCouponCodes();}else if (getPGV('submit') == "wishlist") {echo getWishlist();}else if (getPGV('submit') == "priceMonitor") {echo "<div id=\"productTable\" class=\"container bg-secondary border pt-2\">";echo getPriceMonitor(); // bugbugecho "</div>";}else if (getPGV('submit') == "unsubscribe") {echo unsubscribeWishlist($_GET);}else if (getPGV('submit') == "random") {findDiscogsMaster("***RANDOM***");if (!empty($_SESSION["discogs"])) {echo $_SESSION["discogs"];}}else {if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {echo $_SESSION["discogs"];echo "<div id=\"productTable\" class=\"container bg-secondary border py-2\">";echo "<h2 class=\"text-center py-2\">Store Offers</h2>";if ($_SESSION["lowestPrice"]["All"] > 0.00) {echo printResultHeader();}echo printResult();echo "</div>";}else if (!empty($_SESSION["discogs"])) {echo $_SESSION["discogs"];}else {?><div class="container-fluid text-center mb-2"><form method="post" action="/index.php"><input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>" /><input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>" /><button id="randomBtn" type="submit" class="btn btn-success mt-5 rounded" name="submit" value="random">Random Album Suggestions</button></form></div><div class="container bg-secondary border py-2 mt-4"><h2 class="text-center py-2">Getting Started</h2><p>Welcome to Find Cheap Music. Here you can search dozens of trusted online stores at once. The below information details the major website features and is also available via the link to the help page (<i class="material-icons material-text">help_outline</i>) up top.</p><hr><?php include 'php/help.php'; ?></div><?php}echo printSearchFilterModal();echo printSearchInfoModal();}?><div class="modal" id="progressBarDiv"><div class="modal-dialog modal-dialog-centered"><div class="modal-content"><div class="modal-header"><p id="progressBarHeader" class="display-6">Searching</p></div><div class="modal-body"><div class="progress"><div id="progressBar" class="progress-bar">0%</div></div></div><div class="modal-footer"><span id="progressBarMessage"></span></div></div></div></div><button onclick="topFunction()" id="topBtn" title="Go to top">Top</button><footer class="container-fluid text-center bg-primary py-5"><?php if (!empty($_SESSION["searchTerm"]) || getPGV('submit') == "priceMonitor") {echo "<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>";} ?><p><a href="https://www.facebook.com/FindCheapMusic" target="_blank" rel="noopener noreferrer"><img class="socialBtn lazyload" src="data:image/png;base64,R0lGODlhAQABAAD/ACwAAAAAAQABAAACADs=" data-src="images/f_logo_RGB-Blue_58.png" alt="Facebook Logo" /></a><a href="https://twitter.com/findcheapmusic" target="_blank" rel="noopener noreferrer"><img class="socialBtn lazyload" src="data:image/png;base64,R0lGODlhAQABAAD/ACwAAAAAAQABAAACADs=" data-src="images/Twitter_Social_Icon_Circle_Color.png" alt="Twitter Logo" /></a></p><p>Copyright © <?php echo @date("Y"); ?> FindCheapMusic.com. All rights reserved.</p></footer><script nonce="<?php echo base64_encode($_SESSION["nonce"]); ?>">var quotes = [<?phpif ($file = fopen("snippets/header.txt", "r")) {while (($line = fgets($file)) !== false) {echo "\"" . trim($line) . "\",";}fclose($file);}?>]; setInterval(function() { $("#textslide").html(quotes[Math.floor(Math.random() * (quotes.length + 1))]); }, 5 * 1000);</script><?php include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/downloadAtOnload.php"); ?></body></html><?php MySessionHandler::commit(session_id()); ?>