<?php
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/dnsexit.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/sessions_db.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/cryptor.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/vendors.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/tools.php");
include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/wishlist.php");
// Report every PHP notice, warning and error while this page runs.
// NOTE(review): whether these are shown to visitors depends on display_errors, which is not set here; confirm it is off in production.
error_reporting(E_ALL);
// Defaults for an anonymous visitor; both are overwritten below once a user row has been loaded.
$userData = [];
$userTheme = 'default';
// Load the sectioned INI configuration from a path below DOCUMENT_ROOT.
// NOTE(review): the 'cryptor' and 'mysqli' sections are read from this file, so it presumably holds key material and
// database credentials; because it sits under the web root, confirm the web server refuses direct requests for it.
$configFile = parse_ini_file($_SERVER['DOCUMENT_ROOT'] . FCM_CONFIGFILE, true);
$crypt = Cryptor::getInstance($configFile['cryptor']);
// The per-tab session selector comes straight from the POST body; anything that does not compare greater than 0 becomes null.
// NOTE(review): the value is client-controlled and only loosely compared; confirm MySessionHandler validates it before using it.
$tmpSessionTab = (isset($_POST["sessionTab"]) && $_POST["sessionTab"] > 0 ? $_POST["sessionTab"] : null);
$handler = MySessionHandler::getInstance($tmpSessionTab, $configFile['mysqli']);
$vendors = Vendors::getInstance();
Vendors::setAllVendors($configFile, $vendors);
// Drop the parsed configuration from the global scope once the consumers above have been initialised.
unset($configFile);
// Session cookie is flagged HttpOnly and Secure before the session starts.
// NOTE(review): session.cookie_samesite and session.use_strict_mode are not set in this file; confirm they are configured in php.ini.
ini_set("session.cookie_httponly", 1);
ini_set("session.cookie_secure", 1);
// Register the custom handler; the second argument also registers session_write_close() as a shutdown function.
session_set_save_handler($handler, true);
// The session ID is taken explicitly from the PHPSESSID cookie before session_start().
// NOTE(review): this makes a client-supplied ID authoritative; whether an ID the server never issued is rejected
// depends on session.use_strict_mode and on MySessionHandler, neither of which is visible here. Confirm, because
// accepting unknown IDs is what makes session fixation possible.
if (!empty($_COOKIE['PHPSESSID'])) {
session_id($_COOKIE['PHPSESSID']);
}
session_start();
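// Restore the authenticated user for this request, either from the "remember me" cookies or from the
// existing session, then copy the user's stored preferences into the session.
//
// NOTE(review): the remember-me token is checked with password_verify() against the stored password value
// concatenated with the user id. The token is therefore derived only from data in the users table: it cannot
// be revoked per device, it stays valid until the password changes, and anyone able to read that table (for
// example from a leaked backup) can produce a valid cookie without knowing the password. A random per-device
// token whose hash is stored server-side, with an expiry, avoids all three problems.
// NOTE(review): the session ID is not regenerated when the remember-me path authenticates a visitor; confirm
// how MySessionHandler copes with session_regenerate_id() before adding it here.
$userAuthenticated = false;
if (
    !empty($_COOKIE['rememberUserId']) && is_string($_COOKIE['rememberUserId'])
    && !empty($_COOKIE['hash']) && is_string($_COOKIE['hash'])
    && empty($_SESSION['sessData']['loginType'])
) {
    // Cookies sent as arrays (rememberUserId[]=...) are ignored by the is_string() checks above instead of
    // being handed to the query builder and to password_verify().
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $user = new User();
    $conditions['where'] = [
        'id' => $_COOKIE['rememberUserId'],
    ];
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);
    if (!empty($userData) && password_verify($userData['password'] . $userData['id'], $_COOKIE['hash'])) {
        $_SESSION['sessData']['userLoggedIn'] = true;
        // Store the id of the row that was actually verified, not the raw cookie text: the token check uses
        // $userData['id'], so the session must be bound to that same value.
        $_SESSION['sessData']['userID'] = $userData['id'];
        $userAuthenticated = true;
    }
}
elseif (isLoggedIn()) {
    // Already logged in: reload the row for the user id held in the session.
    require_once 'login/includes/config.php';
    require_once 'login/includes/User.class.php';
    require_once 'login/includes/password.php';
    $user = new User();
    $conditions['where'] = [
        'id' => $_SESSION['sessData']['userID'],
    ];
    $conditions['return_type'] = 'single';
    $userData = $user->getRows($conditions);
    $userAuthenticated = !empty($userData);
}

if ($userAuthenticated) {
    $userPicture = getUserImage($userData);
    $userTheme = $userData['theme'];
    $_SESSION["currentLayout"] = ($userData['cardView'] == '1' ? 'CardView' : 'TableView');
    // Profile defaults are applied only until the visitor changes the filter by hand.
    if (empty($_SESSION["manualFilter"])) {
        // NOTE(review): the profile zip is copied without the 5-digit check applied to form input, and the
        // session value is later written into HTML attributes; escape it on output.
        $_SESSION['buyer']['Zip'] = $userData['zip'];
        $_SESSION['buyer']['Country'] = 'United States';
        $_SESSION['buyer']['Currency'] = 'USD';
        $_SESSION["filterCondition"]["New"] = $userData['conditionNew'];
        $_SESSION["filterCondition"]["Used"] = $userData['conditionUsed'];
        $_SESSION["filterMediaType"]["CD"] = $userData['mediaCD'];
        $_SESSION["filterMediaType"]["Record"] = $userData['mediaRecord'];
        $_SESSION["filterMediaType"]["Digital"] = $userData['mediaDigital'];
        $_SESSION["filterMediaType"]["Book"] = $userData['mediaBook'];
    }
}
else {
    // Failed token check, unknown user or anonymous visitor: do not keep a row that was looked up by an
    // unauthenticated cookie value in the global scope, and clear the login state.
    $userData = [];
    unsetSessData();
}
unset($userAuthenticated);
checkPriceMonitor();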
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Find Cheap Music... CDs, Records, Digital, Books and Sheets</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<?php include_once ($_SERVER['DOCUMENT_ROOT'] . "/php/header.php"); ?>
<link rel="stylesheet" href="/css/jquery.flexdatalist.min.css" integrity="sha384-IUkltzhO8hiEuEm0UJQvWrrtE1xqVHA0NbUeIY7a+zCokg7LqiDf5HSt69ru8a7R" crossorigin="anonymous">
<script src="/js/jquery.flexdatalist.min.js" integrity="sha384-JKZ5fd3wxuyCR/AhbpbYALE2xwlYMGYu0XpsXixX7YOni1G0is+vwTuSMuGGYhnl" crossorigin="anonymous"></script>
<script src="/js/input-clearer.min.js" integrity="sha384-PPIpFAWvzKO0l06o6zNV8tPFHNistosIDKHylKx5kJIM9zceSlJxAScUWQpt02xy" crossorigin="anonymous"></script>
<script src="/js/paginate.min.js" integrity="sha384-sN78hrw/H8RzeS4ete92bJj3Y0lEBeiryHisgrRm/pvsPyGLf0M14Vnm+cRxVchm" crossorigin="anonymous"></script>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<link rel="icon" href="/favicon.ico" type="image/x-icon">
</head>
<body>
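<?php
initSessionVariables();
// Request dispatcher: a POST is routed by the value of the "submit" button, a GET by the q / z parameters.
// Every request value is read as a string; arrays (field[]=...) are treated as missing so that they never
// reach the sanitising helpers or the string comparisons below.
// NOTE(review): none of the POST actions is tied to an anti-CSRF token; sessionTab only selects a tab.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Read one POST field as a string; missing or non-string values become "".
    $postText = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
    };
    $submitAction = $postText("submit");

    if ($submitAction === "Search") {
        // The zip from the form is only taken over while the session has none yet.
        if (empty($_SESSION['buyer']['Zip'])) {
            $rawZip = $postText('buyerZip');
            $zip = (empty($rawZip) ? "" : sanitizeInput($rawZip));
            // Accepts exactly five characters made of digits and spaces (the pattern allows spaces).
            if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
                if ($_SESSION["buyer"]["Zip"] != $zip) {
                    $_SESSION["manualFilter"] = true;
                    $_SESSION["buyer"]["Zip"] = $zip;
                }
            }
            else if (strlen($zip) == 0) {
                $_SESSION["buyer"]["Zip"] = "";
            }
        }
        $_SESSION["discogsTitle"] = "";
        $_SESSION["discogsArtist"] = "";
        $rawTerm = $postText('searchTerm');
        $searchTerm = (empty($rawTerm) ? "" : searchFriendlyString($rawTerm));
        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            if (checkSearchFilters()) {
                performSearch();
            }
        }
    }
    else if ($submitAction === "Save") {
        $_SESSION["manualFilter"] = true;
        // Normalise both checkbox groups to arrays in $_POST itself, as before, in case helpers read them.
        if (!isset($_POST["filterCondition"])) {
            $_POST["filterCondition"] = [];
        }
        if (!is_array($_POST["filterCondition"])) {
            $_POST["filterCondition"] = [$_POST["filterCondition"]];
        }
        $_SESSION["filterCondition"]["New"] = in_array("New", $_POST["filterCondition"], true);
        $_SESSION["filterCondition"]["Used"] = in_array("Used", $_POST["filterCondition"], true);
        if (!isset($_POST["filterMediaType"])) {
            $_POST["filterMediaType"] = [];
        }
        if (!is_array($_POST["filterMediaType"])) {
            $_POST["filterMediaType"] = [$_POST["filterMediaType"]];
        }
        $_SESSION["filterMediaType"]["CD"] = in_array("CD", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Record"] = in_array("Record", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Digital"] = in_array("Digital", $_POST["filterMediaType"], true);
        $_SESSION["filterMediaType"]["Book"] = in_array("Book", $_POST["filterMediaType"], true);
        $_SESSION["discogsTitle"] = "";
        $_SESSION["discogsArtist"] = "";
        // A missing searchTerm field now yields "" instead of an undefined-index warning.
        $searchTerm = searchFriendlyString($postText('searchTerm'));
        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            if (checkSearchFilters()) {
                performSearch();
            }
        }
    }
    else if ($submitAction === "discogsSearch") {
        $searchTerm = "";
        $barcode = $postText('discogsBarcode');
        $title = $postText('discogsTitle');
        $artist = $postText('discogsArtist');
        if (!empty($barcode)) {
            $searchTerm = searchFriendlyString($barcode);
        }
        else {
            if (!empty($title)) {
                $searchTerm = $title;
            }
            if (!empty($artist)) {
                $searchTerm .= " " . $artist;
            }
            // Title and artist used to be stored as the search term exactly as posted, unlike every other
            // branch; the term is later written back into form fields, so it goes through the same helper.
            $searchTerm = searchFriendlyString(trim($searchTerm));
        }
        if (empty($searchTerm)) {
            resetSessionVars();
        }
        else {
            $_SESSION["searchTerm"] = $searchTerm;
            if (isset($_POST['discogsTitle'])) {
                $_SESSION["discogsTitle"] = searchFriendlyString($title);
            }
            if (isset($_POST['discogsArtist'])) {
                $_SESSION["discogsArtist"] = searchFriendlyString($artist);
            }
            if (checkSearchFilters()) {
                performSearch();
            }
        }
    }
    else if ($submitAction === "unsubscribe") {
        // bugbug: no POST handling for unsubscribe yet.
    }
    // $buttonArr is not defined in this file; presumably one of the includes provides it - confirm.
    else if ($submitAction !== "" && in_array($submitAction, $buttonArr)) {
        $_SESSION["currentView"] = $submitAction;
        filterResults();
    }
}
else if ($_SERVER["REQUEST_METHOD"] == "GET") {
    if (isset($_GET['z'])) {
        // Any z parameter clears the stored zip first; it is only replaced by a value that passes the check.
        $_SESSION["buyer"]["Zip"] = "";
        $zip = (is_string($_GET['z']) ? sanitizeInput($_GET['z']) : "");
        if (strlen($zip) == 5 && preg_match("/^[0-9 ]*$/", $zip)) {
            $_SESSION["buyer"]["Zip"] = $zip;
        }
    }
    $_SESSION["searchTerm"] = "";
    if (isset($_GET['q'])) {
        $_SESSION["searchTerm"] = searchFriendlyString(is_string($_GET["q"]) ? $_GET["q"] : "");
        if (checkSearchFilters()) {
            performSearch();
        }
    }
}
?>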
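<?php
/*
 * Top navigation. Every button posts this one form; the three hidden fields carry the tab id, the current
 * search term and the zip along with the click.
 * - The zip is HTML-escaped on output: the session value can come from the stored user profile, which is
 *   not restricted to five digits before it is copied into the session.
 * - NOTE(review): getSV() and $userPicture are written into attributes as returned; confirm that getSV()
 *   and getUserImage() produce attribute-safe text.
 * - NOTE(review): the form has no anti-CSRF token, and the account buttons post it to /login/* pages
 *   (logout is triggered by a query parameter); confirm those pages verify the request origin themselves.
 * - The "New" badge used a non-existent <scan> element; it is a <span>.
 */
?>
<form method="post" action="/index.php">
<input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">
<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">
<input type="hidden" name="buyerZip" value="<?php echo htmlspecialchars((string) $_SESSION["buyer"]["Zip"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<nav class="navbar navbar-expand-sm bg-black navbar-dark fixed-top">
<div class="navbar-header">
<button type="submit" name="submit" value="Search" class="btn text-white">Find Cheap Music</button>
</div>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsibleNavbar">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="collapsibleNavbar">
<ul class="navbar-nav mr-auto">
<li class="nav-item">
<button type="submit" name="submit" value="Search" class="nav-link btn"><i class="fas fa-home"></i></button>
</li>
<?php if (isLoggedIn()) { ?>
<li class="nav-item">
<button type="submit" name="submit" value="coupons" class="nav-link btn">Coupons</button>
</li>
<li class="nav-item">
<button type="submit" name="submit" value="wishlist" class="nav-link btn">Wishlist
<?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<span class="badge badge-pill badge-light">New</span>'; } ?>
</button>
</li>
<?php
} ?>
<li class="nav-item">
<button type="submit" name="submit" value="terms" class="nav-link btn">Terms of Service</button>
</li>
<li class="nav-item">
<button type="submit" name="submit" value="privacy" class="nav-link btn">Privacy Policy</button>
</li>
<li class="nav-item">
<button type="submit" name="submit" value="help" class="nav-link btn"><i class="far fa-question-circle"></i></button>
</li>
</ul>
<ul class="navbar-nav">
<?php if (!isLoggedIn()) { ?>
<li class="nav-item">
<a href="/login/index.php" class="nav-link btn"><i class='fas fa-sign-in-alt'></i> Login</a>
</li>
<?php
}
else { ?>
<li class="nav-item">
<img class="img-fluid hide-extra-small hide-small user-img" src="<?php echo $userPicture ?>" alt="User Image">
</li>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbardrop" data-toggle="dropdown"><i class="fas fa-user-cog"></i> Account</a>
<div class="dropdown-menu dropdown-menu-right">
<button formaction="/login/account.php" type="submit" name="submit" value="account" class="dropdown-item btn"><i class="fas fa-info-circle"></i> Information</button>
<button formaction="/login/editAccount.php" type="submit" name="submit" value="editAccount" class="dropdown-item btn"><i class="fas fa-edit"></i> Edit Account</button>
<?php if (empty($_SESSION['sessData']['loginType']) || $_SESSION['sessData']['loginType'] != 'social') { ?>
<button formaction="/login/changePassword.php" type="submit" name="submit" value="changePassword" class="dropdown-item btn"><i class="fas fa-key"></i> Change Password</button>
<?php
} ?>
<button formaction="/login/userAccount.php?logoutSubmit=1" type="submit" name="submit" value="logout" class="dropdown-item btn"><i class='fas fa-sign-out-alt'></i> Logout</button>
</div>
</li>
<?php
} ?>
</ul>
</div>
</nav>
</form>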
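<div class="page-header bg-primary">
<div class="container text-center py-3">
<?php
// Page banner, chosen by the requested page name. The request value is only compared against literals and
// every file path below is a constant, so the client never influences which file is read.
// The snippet files are echoed as raw HTML and must stay under the site's own control.
if (getPGV('submit') == "terms") {
echo file_get_contents('snippets/headerTerms.txt');
}
else if (getPGV('submit') == "privacy") {
echo file_get_contents('snippets/headerPrivacy.txt');
}
else if (getPGV('submit') == "coupons") {
echo file_get_contents('snippets/headerCoupons.txt');
}
else if (getPGV('submit') == "wishlist") {
echo file_get_contents('snippets/headerWishlist.txt');
// Offer the price-monitor results only when the session holds any.
if (!empty($_SESSION['priceMonitor'])) {
?>
<form method="post" action="/index.php">
<input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">
<button id="priceMonitor" type="submit" class="btn btn-success rounded" name="submit" value="priceMonitor">Price Monitor Results
<?php /* The badge used a non-existent <scan> element; it is a <span>. */ ?>
<?php if (!empty($_SESSION['priceMonitor']['newFlag']) && $_SESSION['priceMonitor']['newFlag'] === true) { echo '<span class="badge badge-pill badge-dark">New</span>'; } ?>
</button>
</form>
<?php
}
}
else if (getPGV('submit') == "priceMonitor") {
echo file_get_contents('snippets/headerPriceMonitor.txt');
}
else if (getPGV('submit') == "help") {
echo file_get_contents('snippets/headerHelp.txt');
}
else if (getPGV('submit') == "unsubscribe") {
echo file_get_contents('snippets/unsubscribeWishlist.txt');
}
else {
// Default banner; its text is replaced periodically by the quote rotation script at the end of the page.
echo '<p id="textslide" class="d-none d-sm-block">FindCheapMusic.com</p>';
}
?>
</div>
</div>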
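<div class="container-fluid bg-primary py-3">
<?php
// Filter warnings are shown on the search views only.
// NOTE(review): $_SESSION["filterWarnings"] is echoed as raw HTML; confirm it is built from fixed text only
// and never from request data.
if (!in_array(getPGV('submit') , array(
"terms",
"privacy",
"coupons",
"wishlist",
"priceMonitor",
"help",
"unsubscribe"
))) {
echo $_SESSION["filterWarnings"];
}
/*
 * Search form (hidden on the static pages).
 * - NOTE(review): the onsubmit handler concatenates the text typed into #searchTerm into an HTML string
 *   and passes it to progressBar(); if progressBar() assigns that string as HTML, the field value (which
 *   can be prefilled from the q parameter) is interpreted as markup. Confirm it inserts the term as text.
 * - NOTE(review): the hidden sessionId field writes the session ID into the page although
 *   session.cookie_httponly is enabled earlier in this file. HttpOnly only keeps the cookie away from
 *   scripts; any script running in the page can read the ID from this field instead. Prefer a separate
 *   random token for whatever client code uses this value.
 * - The zip is HTML-escaped on output: the session value can come from the stored user profile, which is
 *   not restricted to five digits before it is copied into the session.
 * - NOTE(review): getSV() and getSearchHistory() are echoed as returned; confirm both escape their output.
 */
?>
<form <?php if (in_array(getPGV('submit') , array(
"terms",
"privacy",
"coupons",
"wishlist",
"priceMonitor",
"help",
"unsubscribe"
))) {
echo "hidden";
} ?> method="post" action="/index.php" class="form-inline"
onsubmit="if (document.getElementById('searchTerm').value != '') { progressBar('Searching for:<br><br><strong>' + document.getElementById('searchTerm').value.toLowerCase().replace(/(?:(^.{1})|\ [a-z]{1})/g, function(a){return a.toUpperCase();}) + '</strong>');document.getElementById('searchBtn').innerHTML = '<span class=\'spinner-border spinner-border-sm\'></span> Searching, please wait...'; }">
<input id="sessionId" type="hidden" name="sessionId" value="<?php echo session_id(); ?>">
<input id="sessionTab" type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">
<div class="form-group">
<div class="btn-group">
<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#searchInfoModal" data-toggle2="tooltip" title="Search Tips"><i class="fas fa-info-circle btn-search"></i></button>
<button class="btn input-group-text mx-1 rounded" type="button" data-toggle="modal" data-target="#filterModal" data-keyboard="false" data-toggle2="tooltip" title="Search Filter"><i class="fas fa-filter btn-search"></i></button>
<div class="btn-group">
<button class="btn dropdown-toggle <?php echo ($_SESSION["buyer"]["Zip"] == '' ? "btn-warning" : "input-group-text"); ?> mx-1 rounded" type="button" data-toggle="dropdown" data-toggle2="tooltip" title="<?php echo ($_SESSION["buyer"]["Zip"] == '' ? "Please enter your postal code to get the accurate shipping cost for items listed using a shipping rate table." : "Shipping to"); ?>"><i class="fas fa-shipping-fast btn-search"></i></button>
<div class="dropdown-menu">
<div class="form-inline">
<label class="m-2">Shipping to:</label>
<input type="text" class="form-control form-control-sm m-2" maxlength="20" style="width:12em!important" id="buyerCountry" name="buyerCountry" value="United States" readonly>
<input type="text" class="form-control form-control-sm m-2" maxlength="3" style="width:3.5em!important" id="buyerCurrency" name="buyerCurrency" value="USD" readonly>
<input type="text" class="form-control form-control-sm m-2" maxlength="5" style="width:5.5em!important" id="buyerZip" name="buyerZip" placeholder="Zip Code" value="<?php echo htmlspecialchars((string) $_SESSION["buyer"]["Zip"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
</div>
</div>
</div>
</div>
</div>
<div class="form-group mx-1">
<input id="searchTerm" list="searchHistory" name="searchTerm" type="text" class="form-control flexdatalist searchTerm-width" placeholder="Search by Barcode, Artist, Title, ..." value="<?php echo getSV("searchTerm") ?>">
<datalist id="searchHistory">
<?php echo getSearchHistory(); ?>
</datalist>
</div>
<div class="form-group">
<button id="searchBtn" type="submit" class="btn btn-success mx-1 rounded" name="submit" value="Search">Go</button>
</div>
</form>
</div>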
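<?php
// Main content area, chosen by the requested page name (compared against literals only).
// NOTE(review): the navigation shows "coupons" and "wishlist" to logged-in users only, but this dispatch
// does not call isLoggedIn(); confirm that getCouponCodes(), getWishlist() and getPriceMonitor() enforce
// authentication themselves, because the page name is chosen by the client.
if (getPGV('submit') == "terms") {
echo file_get_contents('snippets/terms.txt');
}
else if (getPGV('submit') == "privacy") {
echo file_get_contents('snippets/privacy.txt');
}
else if (getPGV('submit') == "help") {
echo file_get_contents('snippets/help.txt');
}
else if (getPGV('submit') == "coupons") {
//get_linkshareCoupons(); // bugbug
echo getCouponCodes();
}
else if (getPGV('submit') == "wishlist") {
echo getWishlist();
}
else if (getPGV('submit') == "priceMonitor") {
echo "<div id=\"productTable\" class=\"container bg-secondary border pt-2\">";
echo getPriceMonitor(); // bugbug
echo "</div>";
}
else if (getPGV('submit') == "unsubscribe") {
// NOTE(review): the whole query string is handed to unsubscribeWishlist(), so this action is presumably
// driven by a plain GET link; confirm it requires an unguessable per-user token, since link scanners and
// prefetchers also follow GET links.
echo unsubscribeWishlist($_GET);
}
else if (getPGV('submit') == "random") {
findDiscogsMaster("***RANDOM***");
// NOTE(review): $_SESSION["discogs"] is echoed as raw HTML here and below; confirm the code that fills it
// escapes every field taken from the remote catalogue.
echo $_SESSION["discogs"];
}
else {
if ($_SESSION["lowestPrice"]["All"] > 0.00 || !empty($_SESSION["searchTerm"])) {
echo $_SESSION["discogs"];
echo "<div id=\"productTable\" class=\"container bg-secondary border pt-2\">";
echo "<h4 class=\"text-center py-2\">Store Offers</h4>";
echo printResultHeader();
echo printResult();
echo "</div>";
}
else if (!empty($_SESSION["discogs"])) {
echo $_SESSION["discogs"];
}
else {
// Nothing searched yet: offer random suggestions. The zip is HTML-escaped on output because the session
// value can come from the stored user profile, which is not restricted to five digits.
?>
<div class="container-fluid text-center">
<form method="post" action="/index.php">
<input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">
<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">
<input type="hidden" name="buyerZip" value="<?php echo htmlspecialchars((string) $_SESSION["buyer"]["Zip"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<button id="randomBtn" type="submit" class="btn btn-success mt-5 rounded" name="submit" value="random">Random Album Suggestions</button>
</form>
</div>
<?php
}
// The filter and search-tips dialogs are only rendered on the search views.
echo printSearchFilterModal();
echo printSearchInfoModal();
}
?>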
<div class="modal" id="progressBarDiv">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<div class="modal-header">
<h4 id="progressBarHeader">Searching</h4>
</div>
<div class="modal-body">
<div class="progress">
<div id="progressBar" class="progress-bar" style="width:0%">0%</div>
</div>
</div>
<div class="modal-footer">
<span id="progressBarMessage"></span>
</div>
</div>
</div>
</div>
<button onclick="topFunction()" id="topBtn" title="Go to top">Top</button>
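<footer class="container-fluid text-center bg-primary py-5">
<?php
// The affiliate disclaimer is shown whenever offers may be listed: after a search or on the price monitor.
if (!empty($_SESSION["searchTerm"]) || getPGV('submit') == "priceMonitor") {
echo "<p>Disclaimer: As an Associate we earn from qualifying purchases.</p>";
}
/*
 * Footer links post the same hidden state as the navigation. The zip is HTML-escaped on output because the
 * session value can come from the stored user profile, which is not restricted to five digits.
 * NOTE(review): getSV() is echoed into an attribute as returned; confirm it escapes its output.
 */
?>
<form method="post" action="/index.php">
<input type="hidden" name="sessionTab" value="<?php echo MySessionHandler::getSessionTab(); ?>">
<input type="hidden" name="searchTerm" value="<?php echo getSV("searchTerm") ?>">
<input type="hidden" name="buyerZip" value="<?php echo htmlspecialchars((string) $_SESSION["buyer"]["Zip"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
<ul class="list-inline text-center">
<li class="list-inline-item">
<button class="btn btn-sm btn-light" type="submit" name="submit" value="terms">Terms of Service</button>
</li>
<li class="list-inline-item">
<button class="btn btn-sm btn-light" type="submit" name="submit" value="privacy">Privacy Policy</button>
</li>
</ul>
</form>
<p>Copyright © <?php echo @date("Y"); ?> FindCheapMusic.com. All rights reserved.</p>
</footer>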
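<script src="js/dr.min.js" defer integrity="sha384-X0Mk9TxrJE6sBB+QYyhf98BYJoaQ1lrD5Qyf9qWDXn1nmdgICFL45QzblqlepIcs" crossorigin="anonymous"></script>
<?php /* NOTE(review): the tag-manager script is third-party code loaded without an integrity attribute (its content is not fixed, so SRI cannot pin it); restrict what it may load and do with a Content-Security-Policy. */ ?>
<script async src="https://www.googletagmanager.com/gtag/js?id=UA-105816859-2"></script>
<script>var quotes = [
<?php
// Emit each line of snippets/header.txt as one JavaScript string literal.
// json_encode() escapes quotes and backslashes, and the HEX flags also encode <, >, & and ', so a line
// containing a double quote or "</script>" can no longer end the string or the script block early.
if ($file = fopen("snippets/header.txt", "r")) {
    while (($line = fgets($file)) !== false) {
        $quoteLiteral = json_encode(trim($line), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        // json_encode() returns false for text that is not valid UTF-8; skip such a line.
        if ($quoteLiteral !== false) {
            echo $quoteLiteral . ",";
        }
    }
    fclose($file);
}
?>
];
// Rotate the banner text every five seconds. The index stays below quotes.length; the previous
// "length + 1" could select one position past the end of the list.
// The chosen line is inserted as HTML, so snippets/header.txt must remain a trusted, site-owned file.
setInterval(function() { $("#textslide").html(quotes[Math.floor(Math.random() * quotes.length)]); }, 5 * 1000);
// Global site tag (gtag.js) - Google Analytics
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-105816859-2');
</script>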
</body>
</html>
<?php /* Runs after the closing </html>, once all output above has been produced: passes the current session ID to MySessionHandler::commit(). What commit() persists is defined outside this file; presumably it writes the per-tab session data - confirm. */ MySessionHandler::commit(session_id()); ?>