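<?php
/**
 * Index page controller.
 *
 * In order, this script:
 *   1. loads the project includes and the INI configuration,
 *   2. starts the session on the project's MySessionHandler,
 *   3. restores the user from the remember-me cookies or from the session,
 *   4. applies the search / filter request (POST or GET) to the session,
 *   5. renders the page through the Html builder and commits the session.
 *
 * Everything read from $_COOKIE, $_POST and $_GET is attacker-controlled.
 * Request values are type-checked here before use; their normalisation is
 * delegated to sanitizeInput() / searchFriendlyString(), which are defined
 * in the includes and are not visible from this file.
 */
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/hosting.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/NonceUtil.php");

error_reporting(E_ALL);

$userData = [];
$userTheme = 'default';

// ---------------------------------------------------------------------------
// Configuration and session bootstrap
// ---------------------------------------------------------------------------
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
$tmpSessionTab = (!empty(getPGV("sessionTab")) && getPGV("sessionTab") > 0 ? getPGV("sessionTab"): null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$vendors = Vendors::getInstance();
Vendors::setAllVendors($configFile, $vendors);
$systemConf = $configFile['system'];
// Drop the full configuration (it holds the cryptor and mysqli sections) once
// the pieces needed below have been extracted.
unset($configFile);

// 7-day cookie, whole site, all sub-domains, Secure + HttpOnly.
// NOTE(review): no SameSite attribute is set by this call — confirm it is
// configured elsewhere (php.ini or the web server).
session_set_cookie_params(604800, '/', '.' . $systemConf["domain_name"], true, true);
session_set_save_handler($handler, true);

// Only a scalar cookie can be a session ID; an array-valued cookie
// (PHPSESSID[]=...) is ignored instead of being passed to session_id().
// NOTE(review): the ID is chosen by the client. Whether an ID the server never
// issued is rejected depends on session.use_strict_mode and on
// MySessionHandler — confirm.
if (!empty($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])) {
    session_id($_COOKIE['PHPSESSID']);
}
session_start();
initSessionVariables();

$_SESSION["htmlIndent"] = (!empty($systemConf["htmlIndent"]) ? intval($systemConf["htmlIndent"]) : 0);
$_SESSION["gtag"] = ($systemConf["g_tag"] == "1");
$_SESSION["nonce"] = NonceUtil::generate($systemConf["nonce_secret"], 1800);
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/csp.php");

// ---------------------------------------------------------------------------
// Restore the user: remember-me cookies first, then the existing session
// ---------------------------------------------------------------------------
$userVerified = false;

if (!empty($_COOKIE['rememberUserId']) && is_string($_COOKIE['rememberUserId'])
    && !empty($_COOKIE['hash']) && is_string($_COOKIE['hash'])
    && empty($_SESSION['sessData']['loginType'])) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';

    $user = new User();
    $conditions['where'] = array('id' => $_COOKIE['rememberUserId']);
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);

    // NOTE(review): the remember-me token is verified against the stored
    // password hash concatenated with the user id. It is therefore a function
    // of the database row alone: it has no server-side expiry, cannot be
    // revoked without a password change, and read access to the user table is
    // enough to produce one. A random, server-stored token with an expiry
    // would remove those properties; that change also involves the code that
    // issues the cookie, which is outside this file.
    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
        $_SESSION['sessData']['userLoggedIn'] = true;
        // Store the id from the verified row, not the cookie text, so the
        // session never carries a client-supplied spelling of the id.
        $_SESSION['sessData']['userID'] = $userData['id'];
        $userVerified = true;
        // NOTE(review): the session ID is not regenerated on this privilege
        // change. Consider session_regenerate_id() here once its interaction
        // with MySessionHandler and the sessionTab parameter is confirmed.
    }
    else {
        // Verification failed: do not leave the looked-up row (including its
        // password hash) in the global $userData for code that runs later.
        $userData = [];
    }
}
else if (isLoggedIn()) {
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';

    $user = new User();
    $conditions['where'] = array('id' => $_SESSION['sessData']['userID']);
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);
    $userVerified = !empty($userData);
}

if ($userVerified) {
    $userPicture = getUserImage($userData);
    $userTheme = $userData['theme'];
    $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');

    // Stored preferences only apply until the visitor sets filters by hand.
    if (empty($_SESSION["manualFilter"])) {
        $_SESSION['buyer']['Zip'] = $userData['zip'];
        $_SESSION['buyer']['Country'] = 'United States';
        $_SESSION['buyer']['Currency'] = 'USD';
        $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
        $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
        $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
        $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
        $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
        $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
    }
}
else {
    // Not logged in, failed remember-me check, or the user row is gone.
    unsetSessData();
}

checkPriceMonitor();

// ---------------------------------------------------------------------------
// Document head
// ---------------------------------------------------------------------------
echo "<!DOCTYPE html>"; // html5

$xh = new Html;
$xh->init($_SESSION["htmlIndent"]);
echo $xh->set_buffered(false); // FIXME: flagged "bugbug" by the author; reason not recorded
$xh->add_attribute("lang", "en-US");
$xh->tag('html');
$xh->tag('head');
$xh->tag('title', "Find Cheap Music | CDs, Records, Digital, Books and Sheets");
$xh->add_attribute('name', "keywords");
$xh->add_attribute('content', "Cheap,Music,Album,Single,Promo,CD,Compact Disc,Vinyl,Record,Digital,Download,Sheet,Book");
$xh->single_tag('meta');
$xh->insert_code(metaDescription(getPGV('submit')));
$xh->insert_code(htmlHeader());
$xh->insert_code(file_get_contents('snippets/fb_tw.txt'));
$xh->close(); // head

$xh->tag('body');
if ($_SESSION["gtag"]) {
    $xh->add_attribute('nonce', base64_encode($_SESSION["nonce"]));
    $xh->tag('noscript');
    $xh->add_attribute("src", "https://www.googletagmanager.com/ns.html?id=GTM-PCNTXZ7");
    $xh->add_attribute("height", "0");
    $xh->add_attribute("width", "0");
    $xh->add_attribute("style", "display:none;visibility:hidden");
    $xh->add_attribute("title", "Tagmanager");
    $xh->tag('iframe', "");
    $xh->close(); // noscript
}

// ---------------------------------------------------------------------------
// Request handling
// ---------------------------------------------------------------------------

// Returns $_POST[$key] when it is a non-empty string, '' otherwise. Array
// values (key[]=...) and missing keys are treated as "not supplied".
$readPostString = function ($key) {
    return (!empty($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // NOTE(review): no nonce / CSRF-token check is visible before these
    // session-changing branches, although the forms embed inputNonce().
    // Confirm the check happens in an include or inside performSearch().
    $submitAction = (isset($_POST["submit"]) && is_string($_POST["submit"])) ? $_POST["submit"] : "";

    if ($submitAction === "Search") {
        if (empty($_SESSION['buyer']['Zip'])) {
            $rawZip = $readPostString('buyerZip');
            $zip = ($rawZip === '' ? "" : sanitizeInput($rawZip));
            // NOTE(review): the pattern also accepts spaces; a stricter
            // five-digit check may be what is intended.
            if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
                if ($_SESSION["buyer"]["Zip"] != $zip) {
                    $_SESSION["manualFilter"] = true;
                    $_SESSION["buyer"]["Zip"] = $zip;
                }
            }
            else if (strlen($zip) == 0) {
                $_SESSION["buyer"]["Zip"] = "";
            }
        }

        $_SESSION["discogsTitle"] = "";
        $_SESSION["discogsArtist"] = "";
        $rawTerm = $readPostString('searchTerm');
        $searchTerm = ($rawTerm === '' ? "" : searchFriendlyString($rawTerm));
        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            performSearch();
        }
    }
    else if ($submitAction === "Save") {
        $_SESSION["manualFilter"] = true;

        // Check-box groups arrive as arrays, as a single value, or not at all;
        // normalise to an array in place, then test membership strictly.
        if (!isset($_POST["filterCondition"])) {
            $_POST["filterCondition"] = [];
        }
        if (!is_array($_POST["filterCondition"])) {
            $_POST["filterCondition"] = [ $_POST["filterCondition"] ];
        }
        $_SESSION["filterCondition"]["New"] = in_array("New", $_POST["filterCondition"], true);
        $_SESSION["filterCondition"]["Used"] = in_array("Used", $_POST["filterCondition"], true);

        if (!isset($_POST["filterMediaType"])) {
            $_POST["filterMediaType"] = [];
        }
        if (!is_array($_POST["filterMediaType"])) {
            $_POST["filterMediaType"] = [ $_POST["filterMediaType"] ];
        }
        $_SESSION["filterMediaType"]["CD"] = in_array("CD", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Record"] = in_array("Record", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Digital"] = in_array("Digital", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Book"] = in_array("Book", $_POST["filterMediaType"], true);

        $_SESSION["discogsTitle"] = "";
        $_SESSION["discogsArtist"] = "";
        // Same guarded read as the "Search" branch: a missing or array-valued
        // searchTerm is treated as empty instead of being passed on.
        $rawTerm = $readPostString('searchTerm');
        $searchTerm = ($rawTerm === '' ? "" : searchFriendlyString($rawTerm));
        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            performSearch();
        }
    }
    else if ($submitAction === "discogsSearch") {
        $searchTerm = "";
        $rawBarcode = $readPostString('discogsBarcode');
        if ($rawBarcode !== '') {
            $searchTerm = searchFriendlyString($rawBarcode);
        }
        else {
            // Title and artist get the same normalisation as every other
            // search path before they reach $_SESSION["searchTerm"].
            // searchFriendlyString() is not known to be an HTML encoder, so
            // the value still has to be escaped wherever it is printed.
            $rawTitle = $readPostString('discogsTitle');
            $rawArtist = $readPostString('discogsArtist');
            if ($rawTitle !== '') {
                $searchTerm = searchFriendlyString($rawTitle);
            }
            if ($rawArtist !== '') {
                $searchTerm .= " " . searchFriendlyString($rawArtist);
            }
            $searchTerm = trim($searchTerm);
        }

        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            if (isset($_POST['discogsTitle'])) {
                $_SESSION["discogsTitle"] = (is_string($_POST['discogsTitle']) ? searchFriendlyString($_POST['discogsTitle']) : "");
            }
            if (isset($_POST['discogsArtist'])) {
                $_SESSION["discogsArtist"] = (is_string($_POST['discogsArtist']) ? searchFriendlyString($_POST['discogsArtist']) : "");
            }
            performSearch();
        }
    }
    else if ($submitAction === "unsubscribe") {
        // FIXME: flagged "bugbug" by the author; nothing is done here yet.
    }
}
else if ($_SERVER["REQUEST_METHOD"] == "GET") {
    if (isset($_GET['z'])) {
        $_SESSION["buyer"]["Zip"] = "";
        $zip = (is_string($_GET['z']) ? sanitizeInput($_GET['z']) : "");
        if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
            $_SESSION["buyer"]["Zip"] = $zip;
        }
    }

    $_SESSION["searchTerm"] = "";
    if (isset($_GET['q']) && is_string($_GET['q'])) {
        $_SESSION["searchTerm"] = searchFriendlyString($_GET["q"]);
        performSearch();
    }
}

// ---------------------------------------------------------------------------
// Page header
// ---------------------------------------------------------------------------
$xh->insert_code(navigationPane(isset($userPicture) ? $userPicture : null));
$xh->add_attribute("class", "page-header bg-primary");
$xh->tag('div');
$xh->add_attribute("class", "container text-center py-3");
$xh->tag('div');

if (getPGV('submit') == "terms") {
    $xh->tag('h1', "Terms of Service");
}
else if (getPGV('submit') == "privacy") {
    $xh->tag('h1', "Privacy Policy");
}
else if (getPGV('submit') == "coupons") {
    $xh->tag('h1', "Special Offers & Coupon Codes");
}
else if (getPGV('submit') == "wishlist") {
    $xh->tag('h1', "Wishlist");
    if (!empty($_SESSION['priceMonitor'])) {
        $xh->add_attribute("method", "post");
        $xh->add_attribute("action", "/index.php");
        $xh->tag('form');
        $xh->insert_code(inputSessionTab());
        $xh->insert_code(inputNonce());
        $xh->add_attribute("class", "btn btn-info rounded");
        $xh->add_attribute("id", "priceMonitor");
        $xh->add_attribute("type", "submit");
        $xh->add_attribute("name", "submit");
        $xh->add_attribute("value", "priceMonitor");
        $xh->tag('button', "Price Monitor Results");
        if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) {
            $xh->add_attribute("class", "badge badge-pill badge-dark");
            $xh->tag('span', ">New");
        }
        $xh->close(); // button
        $xh->close(); // form
    }
}
else if (getPGV('submit') == "priceMonitor") {
    $xh->tag('h1', "Price Monitor Results");
}
else if (getPGV('submit') == "help") {
    $xh->tag('h1', "Getting Started");
}
else if (getPGV('submit') == "barcode") {
    $xh->tag('h1', "Barcode Checker");
}
else if (getPGV('submit') == "unsubscribe") {
    $xh->tag('h1', "Unsubscribe Wishlist");
}
else {
    $xh->tag('h1', "Find Cheap CDs, Records, Digital, Books and Sheets");
    $xh->add_attribute("id", "textslide");
    $xh->add_attribute("class", "d-none d-sm-block");
    $xh->tag('p', "Bookmark FindCheapMusic.com");
}
$xh->close(); // div
$xh->close(); // div

$xh->insert_code(mainSearchForm());

// ---------------------------------------------------------------------------
// Page body
// ---------------------------------------------------------------------------
if (getPGV('submit') == "terms") {
    // Static snippets carry bare <script> tags; give each one this
    // response's nonce.
    $snip = file_get_contents('snippets/terms.txt');
    $snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
    $xh->insert_code($snip);
}
else if (getPGV('submit') == "privacy") {
    $snip = file_get_contents('snippets/privacy.txt');
    $snip = str_replace("<script>", "<script nonce=\"" . base64_encode($_SESSION["nonce"]) . "\">", $snip);
    $xh->insert_code($snip);
}
else if (getPGV('submit') == "help") {
    $xh->insert_code(printHelp());
}
else if (getPGV('submit') == "barcode") {
    $xh->insert_code(barcodePage());
}
else if (getPGV('submit') == "coupons") {
    //get_linkshareCoupons(); // disabled by the author ("bugbug")
    $xh->insert_code(getCouponCodes());
}
else if (getPGV('submit') == "wishlist") {
    $xh->insert_code(getWishlist());
}
else if (getPGV('submit') == "priceMonitor") {
    $xh->add_attribute("class", "container");
    $xh->add_attribute("id", "productTable");
    $xh->tag('div');
    $xh->insert_code(getPriceMonitor());
    $xh->close(); // div
}
else if (getPGV('submit') == "unsubscribe") {
    // NOTE(review): the whole query string is handed over unvalidated;
    // presumably unsubscribeWishlist() checks it — confirm.
    $xh->insert_code(unsubscribeWishlist($_GET));
}
else if (getPGV('submit') == "random") {
    findDiscogsMaster("***RANDOM***");
    if (!empty($_SESSION["discogs"])) {
        $xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
    }
}
else {
    if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
        $xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
        $xh->add_attribute("class", "container border py-2");
        $xh->add_attribute("id", "productTable");
        $xh->tag('div');
        $xh->insert_code(storeOfferHeader());
        if ($_SESSION["lowestPrice"]["All"] > 0.00) {
            $xh->insert_code(printResultHeader());
        }
        $xh->insert_code(printResult());
        $xh->close(); // div
    }
    else if (!empty($_SESSION["discogs"])) {
        $xh->insert_code(str_replace("xxxNONCExxx", base64_encode($_SESSION["nonce"]), $_SESSION["discogs"]));
    }
    else {
        $xh->insert_code(startscreen());
    }
    $xh->insert_code(printSearchInfoModal());
}

// ---------------------------------------------------------------------------
// Footer, shared widgets, flush
// ---------------------------------------------------------------------------
$xh->insert_code(printProgessbarModal());
$xh->insert_code(printTopButton());
$xh->insert_code(htmlFooter());
$xh->insert_code(headerQuoteSlides());
$xh->insert_code(downloadAtOnload());

// NOTE(review): this hidden field exposes the same $_SESSION["nonce"] whose
// base64 form is used as the script nonce above. A `value` attribute is
// ordinary DOM content, so the value that authorises inline scripts is
// readable by anything that can read the page. Consider separate values for
// the script nonce and the form nonce.
$xh->tag('form');
$xh->add_attribute("type", "hidden");
$xh->add_attribute("id", "nonce");
$xh->add_attribute("name", "nonce");
$xh->add_attribute("value", $_SESSION["nonce"]);
$xh->single_tag('input');
$xh->close(); // form
$xh->close(); // body
$xh->close(); // html

$html = $xh->flush();
//error_log(print_r($html, 1));
echo $html;

MySessionHandler::commit(session_id());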